This document (7022994) is provided subject to the disclaimer at the end of this document.
Privileged Account Manager
New Command Control rules work on primary node but not secondary node.
Recently created rules are inconsistently processed by Primary and Backup Manager(s) – intermittently failing.
Failed attempts being processed by the backup manager; services stopped on backup manager will result in successful requests processed by the online primary manager.
Existing rules remain unaffected and are processed correctly by both managers.
The simplest solution is to promote the existing Primary modules so the replication thread pushes the latest configuration to all the Secondaries:
- Please verify the Backup Manager’s 29120 port is reachable from the Primary Manager:
telnet <backup> 29120
- Re-promote primary package modules:
Note: This should force replication to happen from the primary manager to all backup managers.
If the issue persists, please restart PAM service on both primary and backup manager(s) and wait a few minutes.
- Navigate to the Primary Manager’s packages in the Hosts Console.
- Select all the packages that display ‘Primary’ status
- Click ‘Promote Manager’ from the left pane.
Replication issue of Command Control and Auth Modules caused by network issues from Primary to Secondary (backups) on port 29120. A very rare issue which may occur when there is no connectivity between Primary and Secondary servers at the time the replication thread runs.
This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented “AS IS” WITHOUT WARRANTY OF ANY KIND.