Permissions required for DTSCLI Securitymode fail

book

Article ID: 103752

calendar_today

Updated On:

Products

CA Automation Suite for Data Centers - Configuration Automation CA Client Automation - Asset Management CA Client Automation - IT Client Manager CA Client Automation CA Client Automation - Remote Control CA Client Automation - Asset Intelligence CA Client Automation - Desktop Migration Manager CA Client Automation - Patch Manager

Issue/Introduction

Using the DTSCLI command with securitymode=fail to transfer files from one agent to another using the following command:

dtscli -a ipath="<Path to file>" iuser=<username>::<password> rpath="<TargetServer>::"<Path\filename>" ruser=<username>::<password> output_mode=c "f_filters=:CREATE_PATH" "p_filters=BINARY_READ:BINARY_WRITE AES256_ENCRYPT:AES256_DECRYPT" retry_limit=0 throttle=5 

However, the transfer fails with the following error:
CLI0544 Transfer failed: E (390) Security violation: userid or password is not correct. role=Initiator (390). 
Transfer state: FAILED 


Note:
DTSCLI Securitymode configuration policy parameter is present under DSM->Data Transport Service (DTS)->Data Transport Agent Plugin

<Please see attached file for image>

DTSCLI Securitymode Fail



 

What permissions are required when the authentication for DTS transfer between agent to agent using the DTSCLI command is set to securitymode=fail?

Environment

All versions of CA Client Automation

Resolution

For the DTSCLI command to read files from the source, the 'iuser' account on the source needs read permissions.

Similarly, to write on the target, the 'ruser' account needs write permissions.

For the user account to also be able to connect to the machine to initiate anything, log on locally rights are required. 

For more information on the DTSCLI parameters please refer the following link:
https://docops.ca.com/ca-client-automation/14-0/en/reference/dts-command-line-reference/agent-to-agent-transfers


 

Attachments

1558700399558000103752_sktwi1f5rjvs16k4h.jpeg get_app