Permissions required for DTSCLI Securitymode fail
Article ID: 103752
Updated On:
Products
CA Automation Suite for Data Centers - Configuration Automation
CA Client Automation - Asset Management
CA Client Automation - IT Client Manager
CA Client Automation
CA Client Automation - Remote Control
CA Client Automation - Asset Intelligence
CA Client Automation - Desktop Migration Manager
CA Client Automation - Patch Manager
Issue/Introduction
Using the DTSCLI command with securitymode=fail to transfer files from one agent to another using the following command:
dtscli -a ipath="<Path to file>" iuser=<username>::<password> rpath="<TargetServer>::"<Path\filename>" ruser=<username>::<password> output_mode=c "f_filters=:CREATE_PATH" "p_filters=BINARY_READ:BINARY_WRITE AES256_ENCRYPT:AES256_DECRYPT" retry_limit=0 throttle=5
However, the transfer fails with the following error:
CLI0544 Transfer failed: E (390) Security violation: userid or password is not correct. role=Initiator (390).
Transfer state: FAILED
Note: DTSCLI Securitymode configuration policy parameter is present under DSM->Data Transport Service (DTS)->Data Transport Agent Plugin
What permissions are required when the authentication for DTS transfer between agent to agent using the DTSCLI command is set to securitymode=fail?
dtscli -a ipath="<Path to file>" iuser=<username>::<password> rpath="<TargetServer>::"<Path\filename>" ruser=<username>::<password> output_mode=c "f_filters=:CREATE_PATH" "p_filters=BINARY_READ:BINARY_WRITE AES256_ENCRYPT:AES256_DECRYPT" retry_limit=0 throttle=5
However, the transfer fails with the following error:
CLI0544 Transfer failed: E (390) Security violation: userid or password is not correct. role=Initiator (390).
Transfer state: FAILED
Note: DTSCLI Securitymode configuration policy parameter is present under DSM->Data Transport Service (DTS)->Data Transport Agent Plugin
<Please see attached file for image>
What permissions are required when the authentication for DTS transfer between agent to agent using the DTSCLI command is set to securitymode=fail?
Environment
All versions of CA Client Automation
Resolution
For the DTSCLI command to read files from the source, the 'iuser' account on the source needs read permissions.
Similarly, to write on the target, the 'ruser' account needs write permissions.
For the user account to also be able to connect to the machine to initiate anything, log on locally rights are required.
For more information on the DTSCLI parameters please refer the following link:
https://docops.ca.com/ca-client-automation/14-0/en/reference/dts-command-line-reference/agent-to-agent-transfers
Similarly, to write on the target, the 'ruser' account needs write permissions.
For the user account to also be able to connect to the machine to initiate anything, log on locally rights are required.
For more information on the DTSCLI parameters please refer the following link:
https://docops.ca.com/ca-client-automation/14-0/en/reference/dts-command-line-reference/agent-to-agent-transfers
Attachments
Feedback
Yes
No
Powered by
