000022165 - RSA ACE/Server 5.0 Hostname Resolution Issues; How to eliminate RSA ACE/Server 5.0 heavy dependance on Hostname Resolution

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022165
Applies ToRSA ACE/Server 5.0.2 (no longer supported as of 8-15-2004)
RSA ACE/Server 5.0.1 (no longer supported as of 8-15-2004)
IssueRSA ACE/Server 5.0 Hostname Resolution Issues; How to eliminate RSA ACE/Server 5.0 heavy dependance on Hostname Resolution
Freedom From Hostname Resolution Dependencies Hot Fix
ResolutionHot fix tst23684 made hostname resolution more lenient, and is included in Patch 04 for RSA ACE/Server 5.0.1. Customers with a maintenance contract can download Patch 04 from RSA SecurCare Online (customers wishing to register can do so here). Later versions of RSA ACE/Server, such as RSA ACE/Server 5.1 and RSA ACE/Server 5.2, already have hostname resolution leniency built in.

Notes:

RSA ACE/Server 5.0.1, 5.0.2, 5.0.3 with this hot fix implemented by installing Patch 04 or using a later version of RSA ACE/Server requires that the hostname must be resolvable in some form. The UNIX sdshell command requires the ability to resolve the Fully Qualified Domain Name (FQDN). Restrictions on the configuration management, host-mode administration, replication, and startup are relaxed through the implementation of this hot fix, greatly reducing installation complexity and burden.

Information on hot fix tst23684:

The changes in hot fix tst23684 address the customer's needs for a more lenient host resolution system when determining server/replica identity and managing replica table entries. With this hot fix, hostname resolution is now tied to the option "Resolve Hosts and Services By Name" in the RSA ACE/Server configuration record.

- If "Resolve Hosts and Services By Name" check box is checked, the same stringent host comparison policies that currently exist in the RSA ACE/Server 5.0 will apply.

- If "Resolve hosts and services by name" is not checked, all host identity comparisons will be done by IP address. IP addresses have no short form, case sensitivity, or fully-qualified forms associated with them, and lack the inconsistencies associated with host names.

Since RSA ACE/Server 5.x is dependent on network identity, you must have at least one valid form of host name resolution working on an RSA ACE/Server for it to run properly.
Legacy Article IDa9306

Attachments

    Outcomes