Symantec Encryption Manager Services
Article ID: 153422
Updated On:
Products
Encryption Management Server
PGP Key Management Server
File Share Encryption
Desktop Email Encryption
Drive Encryption
Endpoint Encryption
Gateway Email Encryption
PGP Command Line
PGP Key Mgmt Client Access and CLI API
PGP SDK
Issue/Introduction
This article details a list of services and common commands used on the Symantec Encryption Manager.
Accessing the Symantec Encryption Manager command line for read-only purposes (such as to view settings, services, logs, processes, disk space, query the database, etc) is supported. However, performing configuration modifications or customizations via the command line may void your Symantec Support agreement unless the following procedures are followed.
Any changes made to the Symantec Encryption Manager via the command line must be:
- Authorized in writing by Symantec Technical Support or published as an approved and documented process on the Broadcom Knowledge Base
- Implemented by a Broadcom Partner, reseller or Broadcom Technical Support.
- Summarized and documented in a text file in /var/lib/ovid/customization on the Symantec Encryption Manager itself.
Changes made through the command line may not persist through reboots and may be incompatible with future releases. Broadcom Technical Support may also require reverting any custom configurations on the Symantec Encryption Manager back to a default state when troubleshooting new issues.
Resolution
|
Command
|
Category
|
Details
|
|
pgpsysconf --restart tomcat
|
Restarts the tomcat service
|
Assists in troubleshooting web services problems
|
|
pgpsysconf --restart httpd
|
Restarts the httpd service
|
Assists in troubleshooting web services problems
|
|
pgpsysconf --apache
|
Apache
|
Assists in troubleshooting web services problems and rebuilds config files for Apache
|
|
pgpsysconf --restart pgpuniversal
|
PGP Universal Server services
|
Assists in troubleshooting issues with cluster on port 444, Client on port 443, or Proxy on port 25 not listening.
|
|
df -h
|
Displays disk status
|
If database is not running, use to check if disk space is full.
|
|
du -sh *
|
Displays disk status
|
Lists the disk usage of each file/folder. Assists in troubleshooting what filled up the disk. Most likely: /var/log/ovid, /var/lib/ovid/backups, /var/tmp folders.
|
|
psql oviddb ovidr -c "select count(*) from replication_message"
|
Server replication
|
Used on PGP Universal Server 2.x to count cluster replication messages (-c to exit) in queue
|
|
tail -f /var/log/ovid/cluster-YYYY-MM-DD.log
|
Checks clustering data
|
Checks if cluster data is being logged and verifies service is running. Optionally adding "| grep -i error" displays only error messages.
|
|
tail -f /var/log/ovid/client-YYYY-MM-DD.log
|
Checks for client activity
|
Checks if client activity is occurring and checks TLS certificate.
|
|
nslookup
|
Network status
|
Use when messages are queued. Check for DNS issues.
|
|
telnet hostname.domain.com 25
|
Network status
|
Check for ports being used and verify connection to next hop.
|
|
ethtool eth0
|
LAN card status
|
Displays LAN card configuration settings.
|
|
ifconfig
|
TCP/IP configuration
|
Used to configure and control TCP/IP network settings.
|
|
netstat -rn
|
Network status
|
Check for network activity and configuration.
|
|
pgpsysconf --restart pgpsdkrmi
|
Licensing Issues
|
Use command if server appears unlicensed on system tab.
|
|
pgpsysconf --restart pgpdatalayer
|
Restarts datalayer for database access
|
Allows access from other processes to database. Run pgpsysconf --restart pgpuniversal after restarting pgpdatalayer
|
|
pgpsysconf --restart pgptokend
|
Hardware interface
|
Run only if you know the ignition key passphrase.
|
|
pgpsysconf --restart pgptcpwrapper
|
Network connections
|
Manages certain listening connections.
|
|
pgpsysconf --restart postfix
|
Mail processing
|
Mail delivery component for email from PGP Universal Server.
|
|
pgpsysconf --restart syslog-ng
|
Server logging
|
Run command if logs are not written, but services are running.
|
|
psql oviddb ovidr -c "select * from (select host, count (*) from cluster_member as cm left join replication_destination as rd on (cm.local_id = rd.cluster_id) group by 1 order by 2 desc) as rd where count > 1;"
|
Clustering
|
This command works for PGP Universal Server 2.x and allows you to see the replication message counts on all servers in a cluster.
|
|
pgpsysconf –restart pgpgroupd
|
Restarts Group Membership processing service
|
Useful after putting it in debug mode or if it’s hung.
|
|
pgpgrouptool
|
Tool used for grouping of Consumers
|
Used to modify the behavior of grouping on the PGP Universal Server. Running pgpgrouptool by itself will print out a list of commands.
|
|
pgpsysconf --restart pgprep
|
Cluster replication issues
|
Restarting this will restart the replication service and redo all the work that needs to be done to replicate local changes to the other cluster members.
|
|
pgprepctl info
|
Clustering replication statistics
|
To view the messages in memory being sent to other nodes and statistics of replication
|
|
pgprepctl
|
Cluster information
|
Using this command will list all the commands available to troubleshooting clustering problems
|
|
pgprepctl topo
|
Cluster replication topology statistics
|
Used to view the replication topology and make sure that the communication is up between all the cluster members. X’s in here are a sign that a cluster member is not communicating.
|
Feedback
Yes
No
Powered by
