Avamar Gen4T >> How to reconfigure RMM4 root user to alternative user name (avoid Error message: Login failed. User does not have ‘Login to Embedded Management Software’ privilege.)

— All commands to be executed as root on the node where RMM4 user is being configured.

1 — Verify that RMM4 is configured for dedicated access (in case there is no valid IP address configured, replace “lan print 4” with “lan print 1” to check for shared access):

root@avamar:~/#: ipmitool lan print 4 |egrep “IP Address|Subnet Mask|Default Gateway” |egrep -v “Source|Header|Backup|MAC”

IP Address :

Subnet Mask :

Default Gateway IP :

2 — To list configured users (in case RMM access is configured as shared, replace “summary 4” with “summary 1” and “list 4” with “list 1”):

root@avamar:~/#: ipmitool user summary 4

Maximum IDs : 16

Enabled User Count : 1

Fixed Name Count : 1

root@avamar:~/#: ipmitool user list 4

ID Name Callin Link Auth IPMI Msg Channel Priv Limit

2 root true true true ADMINISTRATOR

3 — To rename user ID#2 [root](where “NewName” shall be replaced with the desired username and “Password” replaced with desired password):

root@avamar:~/#: ipmitool user set name 2 NewName

root@avamar:~/#: ipmitool user set password 2 Password

root@avamar:~/#: ipmitool user enable 2

root@avamar:~/#: ipmitool channel setaccess 4 2 link=on ipmi=on callin=on privilege=4

root@avamar:~/#: ipmitool channel getaccess 4 2

Maximum User IDs : 16

Enabled User IDs : 1

User ID : 2

User Name : NewName

Fixed Name : No

Access Available : call-in / callback

Link Authentication : enabled

IPMI Messaging : enabled

Privilege Level : ADMINISTRATOR

5 — List users again:

root@avamar:~/#: ipmitool user list 4

ID Name Callin Link Auth IPMI Msg Channel Priv Limit

2 NewName true true true ADMINISTRATOR


  • No Related Posts

Re: Avamar GEN4T using dedicated replication ports

On the Avamar side, this depends on the routing configuration.

If 172.x on the source and target are on the same subnet, configuring the Avamar replication to point to the target’s 172.x address will ensure the data is sent across the dedicated replication network. However, if there is a gateway in between these two devices, you will likely need to specify a static route on the Avamar to ensure the packets are sent out the 172.x interface. If the source and target are on different networks and there is no static route, the data will be sent from the 10.x backup network on the source to the 172.x replication network on the target which is probably not what you want.

For the DD side, data transit is controlled by DDBoost. Dedicated replication interfaces are normally configured on the DD side using ifgroups. Avamar will ask the source DD to copy data to the target but how the data actually gets there is controlled on the DD side.


  • No Related Posts

vethx inteface support speed after bonding

hi, all

I have a DD6300, i have already configured veth0 – it’s bonded two eth3a, eth3c – they connect over fiber cable to SW Cisco 4500, two ports 10gb uplink,

On Sw Cisco 4500 : port-chanel up, BW 20 Gb/s

But my veth0 only 10Gb/s

Interface Name:


Auto Negotiate:


Hardware Address:







10 Gb/s



Supported Speeds:


Any problem with my config, everybody help me to solve it ?

Here is my configuration :

lv@dd6300-backup# net show settings

port enabled state DHCP IP address netmask type additional setting

/prefix length

—– ——- ——- —- ————————– ————– —- ——————————-

ethMa yes running no n/a

fe80::260:16ff:fe86:c7c6** /64

eth3a yes running n/a n/a n/a n/a bonded to veth0

eth3b no down no n/a n/a n/a

eth3c yes running n/a n/a n/a n/a bonded to veth0

eth3d no down no n/a n/a n/a

veth0 yes running no n/a lacp hash xor-L2L3: eth3a,eth3c

fe80::260:16ff:fe85:22c8** /64

—– ——- ——- —- ————————– ————– —- ——————————-

** auto_generated IPv6 address

Thanks !


  • No Related Posts

Disaster Recovery options for QRadar

Hi Community!

I’ve read the entire QRadar SIEM High Availibility Guide for 7.3.1 and am still struggling to design a disaster recovery solution to our QRadar systems(two 3105 All in One). I’ve also read different topics on this subject with very good explanations by JonathanPechtaIBM.

We are looking for a solution which offers **almost no dataloss** in case of failure of site A. Yes..We have a Site A and a Site B.

There are three DR deployment scenarios according to the HA Guide.
Option1: Primary QRadar Console and backup console
Option2: Event and flow forwarding
Option3: Distributing the same events and flows to the primary and secondary sites.

**Option1** depicts the console failover in a scenario where I would have a hot console and a cold standby. In case of failure, I have to manually start the cold console, change the ip and apply the backup of the failed machine. In this scenario there is NO DATA SYNC. I have to restore data manually. In case my first machine gets restored, I must copy the delta data manually to the primary. Data can be lost during the failover period. Therefore, this option is discarded.

**Option2:** Event and flow forwarding. I have similar deployments on both sites. Both are active. Events and Flows have to be forwarded from the first system to the secondary system using:
A) off-site targets (configured under System and License Management)
B) routing rules.: There are two modes: Online and Offline. and are configured under “Forwarding Destinations” and “Routing Rules” .. (There is a very good explanation here: https://www.ibm.com/developerworks/community/forums/html/topic?id=b8be5e81-d1ed-452b-bf55-7659f78684fb)

Online mode uses best effort, which can cause data loss if there is no communication between sending and listening devices. Therefore, it is discarded.

Offline mode sends the data after being written to disk and there is a sync-delay of about >1 minute due to ariel writing data every minute. No data is lost because the offline process uses bookmarks to keep track of the last sent data. This seems to be a good method for fulfilling my requirements.

**[Question1]**: What is the difference between off-site targets and routing rules using the offline mode? If there is none, why there are the two options?

In the guide it also says on page 33 “Periodically, use the content management tool to update content from the primary QRadar to the secondary”.

**[Question2]**: What can be understood unter “content” in this sentence? Apps, DSMs? In general content that is not available in the backup file?

It is also mentioned on page 33 “In the case of a failure at site 1, you can use a high-availiability (HA) Deployment to trigger an automatic failover”.

**[Question3]:** In this case, one should be aware of the latency limitation between the two sites. Moreover, it is not anymore necessary to forwarding events and flows using one of both methods mentioned above, right?

**[Question4]**: Using routing rules and “online” modes it is possible to drop the data and bypass the CRE after being forwarded. What are the use cases for that? A system would send events to Qradar and we would like to forward some of them to another system, but not want to store them on Qradar?or let CRE test some of them but just store them for logging reasons?

**Option3**: Distributing the same events and flows to the primary and secondary sites

In this scenario I have a load balancer or another similar component which is reponsible for sending data to both sites. If Site A fails, Site B it is still active. Both components have different IP Addresses and it is not necessary to either forward data nor to backup or restore any data. This seems to be the most expensive option, because both sites should have similar architectures and there is the load balancer.

**[Question5]**: The load balancer represents a Single Point of Failured (SPOF) and should be therefore planned redundant? According to picture 3 on page 37, all data is sent to a Load balancer on site 1. What happens if it fails?

I know that if a whole site fails, I have more things to worry about than logging, but I would like to go through all the methods.

to sum up. The method to be chosen should be option2 with offline mode, right?

Thank you in advance

ps: This video: https://www-01.ibm.com/support/docview.wss?uid=swg21997652
provides a wrong definition at 0:27. it says “in **online** mode all data is stored in the database and then forwarded”. This is wrong, right?




  • No Related Posts

Case Manager Support for TLS v1.2

After upgrading Case Manager from 5.2.1 FP3 to FP4 we are not able to connect TLS v1.2 compatible F5 URL from the following components.But at the same time we are able to successfully connect while calling direct hostname.
1. From Code module to CPE F5 Load Balancer URL
2. During Solution Deployment to map F5 Load Balancer for WebService
3. EDS to APP F5 Load Balancer URL
4. FileNet Config Manager to ICN/ICM F5 Load Balancer URL
5. FileNet Deployment Manager to CPE F5 Load Balancer URL

Could somebody please confirm if

For TLSv1.2, this is not a protocol that is completely supported with ICM 5.2.1.x configuration tool. Full support of TLSv1.2 with the configuration tool was added in ICM 5.3.


  • No Related Posts

7022474: How to configure “external” network in network.json

Define an “external” network in network.json according to “Custom Network Configuration, Providing Access to External Networks” chapter in SUSE OpenStack Cloud 7 Deployment Guide.

“external” : {

“add_bridge” : false,

“vlan” : XXX,

“ranges” : {

“host” : {

“start” : “”,

“end” : “”



“broadcast” : “”,

“netmask” : “”,

“conduit” : “intf1”,

“subnet” : “”,

“use_vlan” : true


To have this “external” network before configuring barclamps use ‘crowbarctl’ command for a particular node.

On admin node:

#crowbarctl network interface enable default d52-54-00-63-a1-01.example.com external

#crowbarctl network hostip allocate default d52-54-00-63-a1-01.example.com external host

Then on d52-54-00-63-a1-01.example.com:

#systemctl restart chef-client.service

Afterwards configure iscsi initiator on the nodes. Deploy pacemaker, rabbitmq and database barclamps.


  • No Related Posts

how to create domain based network hierarchy in QRadar ?

Hi Everyone,

We are using QRadar 7.3 and we are planning to create multiple domains to facilitate multi tenancy management.
I know that it is possible to group several log sources into a single domain. But what can we do if one subnet is shared between two domains ?

So I am asking if there is a way to create and assign one network hierarchy to a specific domain


  • No Related Posts

Not able to connect to the API/APIC/Datapower gateway consoles from Docker Toolbox

Hello everyone,
I have installed the Docker toolbox with API Connect.
I started all the components individually and below is the output:

$ docker-compose ps

Name Command State Ports

apim /tini — /startup.sh Up

datapower /start.sh Up 443/tcp

esmaster /docker-entrypoint.sh /bin … Up 9200/tcp, 9300/tcp

ibmlogstash /bin/sh -c /startup.sh Up

ibmportal /root/tini — /root/start_ … Up

make-ssh-keys /bin/sh -c /genkey.sh Exit 0

microservice /bin/sh -c /usr/bin/app.sh … Up 8080/tcp

nginx /bin/sh -c /run.sh Up>443/tcp, 80/tcp

I have also edited the /etc/hosts file with the following:
192.1**.*.* apim ibmportal datapower microservice

However, I am still not able to connect to any of the the consoles (apic/apim not datapower).

which ip do I have to mention in the /etc/hosts file ? (I gave the ip v4 for the virtualbox which I got from the ipconfig command).

Please throw some light here from your experiences, not sure what am I doing wrong.

Thanks in Advance!


  • No Related Posts

Isilon Mgmt pool configuration


Can some one help me to configure new Mgmt pool under different subnet.

I want to release the IP’s from the existing MGMT pool and move the IP’s to NFS pool, so that I can configure Dynamic failover as there are not enough IP’s in the subnet and I dont want to configure New NFS and move the existing data to new pool as its hectic process and needs more downtime

We have 8 node cluster and the current NFS pool has 11 IP’s, so if I release the IP’s from MGMT pool it will have 22 IP’ which would be practically enough for NFS to have smooth dynamic failover.

Do we need to modify the interface from network side to use a new VLAN, as i just want to use mgmt pool a different subnet?


  • No Related Posts

Clearing Health Check state

I need a solution

One of the forwarding hosts defined in our ProxySG does not respod to the health check. I have set the health check to disabled unhealthy but the Global Health Status of the proxy is still Warning.
How do I clear the warning state, all active health checks are green?

Also I am not able to remove a forwarding group even though I have removed all references in the policy and removed all forwarding hosts from the group. The error message just tell me “cannot delete a group now in use by policy”. The health check for the group is at least OK since the forwarding group is empty (no hosts).




  • No Related Posts