000024978 - How to correct replication service name / port number in sdinfo when using RSA ACE/Server

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000024978
Applies ToRSA ACE/Server
UNIX (AIX, HP-UX, Solaris)
IssueHow to correct replication service name / port number in sdinfo when using RSA ACE/Server
On UNIX, if the ACE/Server is upgraded from previous version to version 5.0 or later, sdinfo indicates replication service name as securidprop or blank. The port number shows as 5510 or 5505. The correct name is securidprop_00 and port number is 5505/tcp
Running sdsetup -config, it is not possible to change this because, no option to change replication service will be prompted
Error: "Unable to read license. sdconfig exiting" appears when trying to run sdconfig -config
Error: "Warning: no copy of sdconf.rec in directory /path/ace/data" appears when trying to run sdsetup -config after copying the sdconf.rec file from another machine. THIS SERVER field will have some incorrect hostname. First sdconfig -config must be run before running sdsetup -config.

NOTE: Although the replication port or service name are incorrect in sdinfo, ACE/Server will function properly in all aspects. The database will synchronise between primary and  replica and authentication will take place from all Agent Hosts. The reason for this is ACE/Server uses the replication service name and port number specified in replica table (sdrepmgmt list will verify this).
ResolutionThe only way to correct the replication service in sdinfo is to generate sdconf.rec file from a fresh installation of ACE/Server 5.0.01. A fresh installation of ACE/Server will have the correct replication service and port number. If there is no ACE/Server 5.0 or 5.0.01 installation is available, RSA Security Technical Support can be contacted for help.
1. On primary:

./sdrepmgmt list

a. name of primary server
b  Replication servie name: securidprop_00  (NOT securidprop)
c. Replication port number: 5505/tcp (NOT 5510 or zero)

If any of the above information is incorrect, backup the database by running sddump with server option.
Save sdserv.dmp and license.rec files. Then only the replica table should be fixed: see Error: 'WARNING: Unable to find replication service name 'securidprop'' while installing RSA ACE/Server 5.2

2. If the Replica table has correct information it is not necessary to change anything.

3. Replication service name cannot be corrected by running sdsetup -config. But a sdconf.rec file can be generated from another instance of ACE/Server 5.0 installation for this server.

1. Verify the replication port number and service name in sdinfo. If the correct name and number are shown do the following:

a. Edit the etc/hosts file on another ACE/Server fresh installation.
b. Add the IP address and hostname of the desired ACE/Server specified in sdinfo.
c. Run sdsetup -config
  Change the Primary server name
  Change the Acting Master server name.
  Accept all defaults.
d. Copy sdconf.rec file to ACE/Server machine.
   This server field will have the incorrect hostname and does not match with Primary server hostname.
   Primary server name and Acting Master server name will show the correct hostname.
   cd ace/utils
   # ./admenv

The following environment variables must be set in order to use the administration toolkit.  They must be set for each individual toolkit user or set globally for all users.



Note: The path for environment variables must be set according to the out put of admenv and should not be copied from here.
e. Run ./sdconfig -config  (This will change the field THIS SERVER)
   Accept the defaults.
   If you do ./sdinfo, now "THIS SERVER" will have correct information.
f.  Run ./sdsetup -config
   At the end it will indicate that the file permissions are changed.
g. Run ./ sdinfo
   Confirm the changes in sdinfo
   "THIS SERVER" field will have correct hostname matching with Primary server name.

If the replica table has incorrect port number or replication service name, see also: Error: 'WARNING: Unable to find replication service name 'securidprop'' while installing RSA ACE/Server 5.2
Legacy Article IDa8383