Community Webinar – Early look into OES2018 SP1

Madhan

Following up on the earlier blog post about registrations being open for the OES2018 SP1 Beta Program, we are hosting a community webinar that gives an early look into the updates and features that will be delivered as part of Open Enterprise Server 2018 SP1. Please register for the webinar – ‘An early look at OES 2018 …


The post Community Webinar – Early look into OES2018 SP1 appeared first on Cool Solutions.


OneFS: Upgrade fails with error “UnicodeDecodeError: ‘utf8’ codec can’t decode byte”

Article Number: 524285 Article Version: 5 Article Type: Break Fix



Isilon, Isilon OneFS, Isilon OneFS 8.0, Isilon OneFS 8.1

When running a OneFS upgrade, the upgrade might fail during the isi_version_checker phase, stating that it is not able to decode a file that is not encoded with UTF-8.

UnicodeDecodeError: ‘utf8’ codec can’t decode byte

You can verify this by performing an upgrade assessment, which reports the same error in the upgrade summary report.

isi upgrade nodes list displays the following error:

Node Upgrade State: error

Error Details: Failed Step: HookPreUpgradeOptional

The pre-upgrade check from 8.1.0.2 to 8.1.0.4 failed in UID_GID_Check with the following error:
The user id or group id of [/tmp/abc5cc_3056986] is too large and may cause an error in the upgrade process, please change the user/group id (maximum of 2097151) or remove the file before continuing

The failure is likely to occur when the uid_gid_check script, which checks for any files under ‘/’ with a large UID/GID that could impact the upgrade, encounters a file whose name contains non-UTF-8 characters. The script scans for file names with non-UTF-8 encoding under ‘/’ on all nodes.

In OneFS 8.0.0.7, the CLI parser can handle characters that are not valid UTF-8, avoiding such issues.

A new pre-upgrade check was introduced in 8.1.0.3.

[A] If a OneFS upgrade has failed, follow the steps below:

(If an upgrade assessment is giving an error, jump to [B].)

  1. Check the upgrade state first:

# isi upgrade view

Upgrade Status:

Cluster Upgrade State: error >> error state in upgrade

(see output of `isi upgrade nodes list` to know which node failed)

Current Upgrade Activity: Upgrade

Upgrade Install Image: /ifs/data/Isilon_Support/OneFS_v8.0.0.7_Install.tar.gz

Upgrade Start Time: 2018-07-26T10:59:55

Current OS Version: 8.0.0.1_build(131)style(5)

Upgrade OS Version: 8.0.0.7_build(240)style(5)

Nodes Progress:

Total Cluster Nodes: 5

Nodes On Older OS: 5

Nodes Upgraded: 0

Nodes Transitioning/Down: 0

If there are any errors, run “isi_upgrade_logs” to gather more information
  2. Check on which node it fails:

# isi upgrade nodes list

Node LNN: 2

Node Upgrade State: error

Error Details: Failed Step: HookPreUpgradeOptional

Error Log: /ifs/.ifsvar/upgrade/Agent-32-000e1ea67780a95c3c57e400d1411b40b520.log

Last Upgrade Action: –

Last Action Result: –

Node Upgrade Progress: None

Node OS Version: 8.0.0.1_build(131)style(5)

  3. The upgrade is in an error state; run “isi_upgrade_logs” to generate the log files and check the error.
  4. View the log files generated for the nodes in the previous step; you will see the following message at the start of the file:

isi_version_checker encountered an unexpected error.

‘utf8’ codec can’t decode bytes in position 0-2: invalid data

failed

This means there is a file under “/” (excluding /ifs) on the node that throws the upgrade error whose name is not encoded in UTF-8, or there are files under “/” that have a large UID or GID.

Check directories such as “/tmp” and “/var/tmp”. A simple “ls -al” in these directories helps spot files with large UIDs and GIDs.

# ls -al /tmp

-rw------- 1 0 0 - 0 Apr 7 10:55 apache2.py.lock

-rw-r--r-- 1 0 0 - 0 Apr 7 09:32 cpool_stat_cpool_query_stat_map_

-rw-r--r-- 1 0 0 - 0 Apr 7 09:32 cpool_stat_cpool_stat_map_

-rw------- 1 0 0 - 0 Apr 7 10:55 generic_copy.py.lock

-rw------- 1 0 0 - 0 Apr 7 11:14 hostupdate.py

-rw-r--r-- 1 0 0 - 0 Apr 7 10:55 isi_flexnet_d_sem_agg_update.key

-rw-r--r-- 1 0 0 - 0 Apr 7 10:53 isi_pkg_outcmdck1

-rw-r--r-- 1 0 0 - 0 Apr 7 10:49 isi_pkg_outcmderr

-rw------- 1 1000002 1000000 - 5045 Jul 23 08:09 krb5cc_1000002 >> Files with large UID and GID

-rw------- 1 1000376 1000000 - 4677 Jul 13 07:44 krb5cc_1000376

-rw------- 1 0 0 - 0 Apr 7 09:32 metadata-generator

-rw------- 1 0 0 - 0 Apr 7 11:10 nsswitch.py.lock

-rw------- 1 0 0 - 0 Jul 21 07:24 ntpd.py.lock

-rw------- 1 0 0 - 524 Apr 7 10:54 portmap.
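Alternatively, you can search all nodes at once for files outside /ifs whose UID or GID exceeds the 2097151 limit quoted in the pre-upgrade error. A minimal sketch, assuming the node's find supports the numeric -uid/-gid tests:

# isi_for_array -s "find / -type f -not -path '/ifs/*' \( -uid +2097151 -o -gid +2097151 \) -print"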

To check whether there are files with non-printable characters in their names (files not encoded with UTF-8), use the command below; it can take some time to return output:

# isi_for_array -s "find / -type f -not -path '/ifs/*' | grep -E '.*[^[:print:]].*'"

Once you identify the files, move them under “/ifs/data/Isilon_Support” with the appropriate user permissions and retry the upgrade.
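For example, using one of the Kerberos credential cache files from the listing above (substitute the file names actually flagged on your node):

# mv /tmp/krb5cc_1000002 /ifs/data/Isilon_Support/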

# isi upgrade retry-last-action --nodes=all

[B] If an upgrade assessment is giving an error, follow the steps below:

  1. Generate the assessment report by running "# isi_upgrade_logs -a":

# isi_upgrade_logs -a

For Assessment with Upgrade ID [2018-07-26T09:52:19.000Z]

Assessment errors found attempting to find and extract logs from archive

Assessment Archive File found here [/ifs/.ifsvar/upgrade/archive/UpgradeArchive-2018-07-26T09:57:30.000Z.tgz]

Extracting [UpgradeArchive-2018-07-26T09:57:30.000Z/Agent-32-000e1ea67780a95c3c57e400d1411b40b520.log] to [/ifs/upgrade_error_logs/Agent-32-000e1ea67780a95c3c57e400d1411b40b520.log]

Extracting [UpgradeArchive-2018-07-26T09:57:30.000Z/32-000e1ea67780a95c3c57e400d1411b40b520/logs/hooklogs/pre-upgrade-optional/isi_upgrade_checker.log] to [/ifs/upgrade_error_logs/32-000e1ea67780a95c3c57e400d1411b40b520/logs/hooklogs/pre-upgrade-optional/isi_upgrade_checker.log]

Extracting [UpgradeArchive-2018-07-26T09:57:30.000Z/Assessment-summary.report] to [/ifs/upgrade_error_logs/Assessment-summary.report]

Suggest running 'grep -ilr error /ifs/upgrade_error_logs/*' to find the log files with errors

  2. Follow the suggestion in the assessment report: run 'grep -ilr error /ifs/upgrade_error_logs/*' to find the log files with errors, and view the assessment summary report (cat /ifs/upgrade_error_logs/Assessment-summary.report) to verify which node the upgrade assessment is flagging.
  3. While viewing the log files, if you see the error "'utf8' codec can't decode bytes", follow the steps in [A] on the node on which the assessment fails.

UTF-8 (U from Universal Character Set + Transformation Format, 8-bit) is a character encoding capable of encoding all possible characters (called code points) in Unicode.
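If you want to confirm what the checker is objecting to, you can test whether a particular file name is valid UTF-8. A minimal sketch, assuming iconv is available on the node; replace suspect_file_name with a name taken from the find output above (the command is silent and returns success for valid UTF-8, and reports an illegal input sequence otherwise):

# printf '%s' 'suspect_file_name' | iconv -f UTF-8 -t UTF-8 >/dev/null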


RecoverPoint: XtremIO: Unable to create new snapshots, SRM “RE” failover fails due to unavailable bookmark

Article Number: 480610 Article Version: 3 Article Type: Break Fix



RecoverPoint, RecoverPoint SE, RecoverPoint Adaptor for VMware Site Recovery Manager, XtremIO

When an XtremIO replica copy is configured with 'Number of Desired Snapshots: 2', the customer is unable to create new snapshots while in Test a Copy mode (Image Access mode), and the SRM failover operation also fails.


Symptoms found in the logs:

In replication logs on replica copy site:

2016/03/10 16:45:41.866 – #1 – 8747/8560 – XioSnapConsolidation::findBestSnapToDelete: didn’t find user snap to delete …

2016/03/10 16:45:41.866 – #2 – 8747/8560 – XioDistributorHandler::checkSnapDelete: going to delete the latest snapshot!

Affected versions:
All RecoverPoint versions since XtremIO was introduced (4.1.1)

When the maximum number of snapshots is 2, the following happens:

- After the second snapshot is created, there are 2 snapshots in the snapshot list.

- When the system tries to create the 3rd snapshot, it cannot, so snapshot creation is delayed and an internal variable indicating the number of reserved snapshots is set to 1.

- The system then deletes one snapshot, and only then tries to create the new one.

- If the pipe is closed before the system handles the delayed request, the number of reserved snapshots remains 1.

From that moment on, the system can hold only 1 snapshot at any given time, so every time a new snapshot is created, the previous one is deleted.

Workaround:

Increase 'Number of Desired Snapshots' for the relevant Consistency Group using the RecoverPoint CLI (via the config_copy_policy command).

Permanent Fix:
RecoverPoint version 4.4 SP1


EMC SourceOne Email Management File Restore Activity fails with “Permission Error (0x86044710).”

Article Number: 483073 Article Version: 2 Article Type: Break Fix



SourceOne for File Systems

When trying to restore files that were previously shortcut, using a File Restore activity, the following file-permission-related error is shown:

Unable to verify that the user has required file system permissions to restore the file. Try restoring to an alternate location. (0x86044710)

Function: CExFileSystem::iWriteFileProperties

Error encountered checking permissions (0x80070423)

Function: CoExFileProvider::StoreDoc

Failed to restore file to original location

(000000002FA2F179A9A64B3E18708A1301F6951BEA98F76600). (0x86044701) The specified property FSC_TargetLocation does not exist

(0x86044002)

The issue was related to Windows file permissions not being applied properly to the files that needed to be restored. Although the Windows NTFS file/folder permissions stated that the particular end user and the SourceOne account had full permission on those files, Windows was not applying them.

Also, when running a File Restore activity, the following security rights need to be configured for the SourceOne service account:

--> Local Administrators group has the following rights:

--> Backup files and directories

--> Manage auditing and security log

--> Restore files and directories

--> Take ownership of files or other objects

  1. Remove and re-add the file permissions, disabling the option “Include inheritable permissions from this object’s parent” when managing NTFS permissions on the problem file server foldername.
  2. Re-add, in the same manner, any other identified users that lost file/folder permissions.


7012837: NSS pool move operation displays Error 23316 “No Space for Move Stamps”

Typically, when creating an NSS pool, a partition is created on a 1 MB boundary; NSS uses 32 sectors for a header to store stamps and provides the rest to the NSS pool. NSS then rounds the pool to a 1 MB boundary. This normally leaves a small amount of unused space (up to 1 MB) at the end of the partition.

The NSS ‘pool move’ code takes advantage of that unused space to store the mirror stamps that are being used for the actual pool move.

When this space is available, a pool move can successfully be performed.

There is, however, always a possibility that the pool is using all of that space for one reason or another; these could be pools that were originally created on an earlier version of Novell NetWare.

NSS checks to make sure the required space is available (NSS needs 6 sectors to store the stamps) and, if it is not, returns the reported error. Nothing can be done with the pool itself to fix this.

It was, however, determined that expanding the pool by a minimum of 12 MB causes the rounding to a 1 MB boundary to take place again, which in turn allows the stamps to be written and the pool move to succeed. This slightly affects the pool size, but it solves the problem relatively easily.


7018164: Enabling eDirectory’s event caching: Journal Event Caching vs. XDAS caching

eDirectory has two event caching mechanisms. Each is separate and helps solve one of the challenges outlined above.




Journal Event Cache

Description: this cache applies to ALL journal events: ndstrace, XDAS, NAudit, IDM events, etc. A location on disk can be set to store cached events; this location is used instead of memory when events are being created faster than they can be processed. This cache resides in the NDSD event system and sits at a lower layer than the XDAS cache.

Pros: this helps reduce NDSD’s memory footprint by storing events that have not yet been processed on disk instead.

Cons: consumes additional disk space, although compression lowers this requirement. It can also be slower to process the events, since they must first be written to and then retrieved from disk rather than memory.

Configuration: this cache’s settings are controlled via environment variables set in the ndsd script.

NDSD_EVENT_DISK_CACHE

Enables the Journal Event Cache.



NDSD_EVENT_DISK_CACHE_DIR

Sets the cache directory. Optional; the default for Linux is /var/opt/novell/eDirectory/data/ and the dib directory for Windows.
As these are environment variables, they are set in the following locations:
init.d: /opt/novell/eDirectory/sbin/pre_ndsd_start
systemd: /etc/opt/novell/eDirectory/conf/env
Example:
NDSD_EVENT_DISK_CACHE=1
export NDSD_EVENT_DISK_CACHE
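A slightly fuller sketch that also relocates the cache off the default location (the directory shown for NDSD_EVENT_DISK_CACHE_DIR is only an illustration, not a required path):

NDSD_EVENT_DISK_CACHE=1
export NDSD_EVENT_DISK_CACHE
NDSD_EVENT_DISK_CACHE_DIR=/var/opt/novell/eDirectory/data/eventcache
export NDSD_EVENT_DISK_CACHE_DIR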

- There is no Journal Event Cache setting for specifying the size. The Journal cache uses file sizes of 4 MB or less and applies its own compression to them.


XDAS Cache

Description: The cache is implemented in the xadauditds layer and is ONLY used when:

1. XDAS specific events are ready to be sent to a remote auditing server.

AND

2. The remote server cannot be reached.

Pros: Prevents the loss of audit event information when a remote audit server cannot be contacted. This cache is only used when required. The events are released once the remote server’s connection is reestablished.

Cons: none, other than some additional disk space used, since the cache is only used when there is a problem.

Configuration: this cache’s settings are controlled via variables set in the xdasconfig.properties file.

– log4j.appender.S.CacheEnabled

Enables the XDAS Cache for storing XDAS events locally.

– log4j.appender.S.CacheDir

Optionally specifies the directory to use (/var/opt/novell/eDirectory)

- log4j.appender.S.CacheMaxFileSize

Specifies the maximum file size. Values can be from 50MB to 4GB. The default is 512MB.
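Putting the three properties together, an xdasconfig.properties fragment might look like the sketch below. The values are assumptions for illustration; check the comments in xdasconfig.properties for the exact value syntax accepted by your eDirectory version.

log4j.appender.S.CacheEnabled=yes
log4j.appender.S.CacheDir=/var/opt/novell/eDirectory
log4j.appender.S.CacheMaxFileSize=512MB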


These cache methods can be used together. Consider the following scenario.

a. An XDAS audit event for a login is thrown but its reporting to the consumer is delayed behind other earlier events. The event gets written to the Journal Event Cache.

b. The Journal thread comes along and releases this event from the Journal Cache.

c. The configured remote audit server cannot be contacted. The event goes into the XDAS Cache.

d. The remote server is brought online again. The event is released from the XDAS cache and sent to a remote syslog appender.

More information can be found in the eDirectory Admin Guide here: https://www.netiq.com/documentation/


> 16 unix groups – server_param maxgroups – what are example valid OS ?

Some operating systems allow sending more than 16 groups.

VNX has a parameter called maxgroups, which allows support for more than 16 groups (up to 128), but a reboot is required.

[nasadmin@localhost ~]$ server_param server_2 -facility security -info maxgroups -v

server_2 : name = maxgroups

facility_name = security

default_value = 16

current_value = 16

configured_value = 16

user_action = reboot DataMover

change_effective = reboot DataMover

range = (16,128)

description = Define the max number of extra group in Unix credential

[nasadmin@localhost ~]$ server_param server_2 -facility security -modify maxgroups -value 64

server_2 : done

Warning 17716815750: server_2 : You must reboot server_2 for maxgroups changes to take effect.


Does anyone have an example of such an OS?
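For what it is worth, a quick way to check whether a given account is even affected is to count its supplementary groups on the client. A sketch that should work on most Unix-like systems (replace username with the account in question):

$ id -G username | wc -w

If the count is above 16, the default maxgroups value of 16 will not accommodate all of the user's groups.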


7023343: Adding large disks to the system leads to messages “Very big device. Trying to use READ CAPACITY(16).”

This document (7023343) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 11

SUSE Linux Enterprise Server 12

Situation

After a large disk has been added to the system, the kernel logs a message like:
kernel: [93442.940949] sd 0:0:2:0: [sdc] Very big device. Trying to use READ CAPACITY(16).

Resolution

While probing the new disk, its size is calculated. If the size is equal to or exceeds 4294967296 sectors, the message is logged.
If the size of the disk is reduced by 1 sector, so that the entire disk is at most 4294967295 sectors, the notice can be avoided.
This message is nothing to worry about unless additional messages indicating that READ CAPACITY(16) has failed are logged.
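As a quick check, the disk size in 512-byte sectors can be read from sysfs and compared against that threshold (using sdc from the message above; adjust the device name as needed):

# cat /sys/block/sdc/size

A value of 4294967296 or greater (a disk of 2 TiB or larger with 512-byte sectors) means the READ CAPACITY(16) notice is expected.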

Cause

Some internal kernel variables of the SCSI driver can hold maximum values of 4294967295 (0xffffffff). If a disk larger than this number of sectors is added to the system, a function (read_capacity_16) needs to be called to deal with the larger sector count. To do so, special SCSI commands need to be sent to the disk.

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.


Configure access control for PMS agent’s folder and registry

I need a solution

As far as I know, PMS Agent does not have its own protection.

So I would like to use SEP to block all access to the Agent-related folders and registry, and allow access only to the Agent process.

Which processes should I grant permission (create/modify/delete) to?

This is all I know.

the Agent-related folder

- %SystemDrive%\Program Files\Altiris\*

registry

- HKEY_LOCAL_MACHINE\SOFTWARE\Altiris

- HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Altiris

- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AltirisAgent

