search cancel

Problem with agent communication profile using DNS alias

book

Article ID: 162990

calendar_today

Updated On:

Products

IT Management Suite

Issue/Introduction

The customer has installed a new instance of the ITMS on a new server build. The customer is having an issue understanding how to modify the Symantec Agent Communication profile. The present profile is not linked to the NS server name as he would like. When he creates a new profile and then attempt to unlink the old one, he cannot. He is also having trouble changing the installed Agent on the NS to see itself as the new NS. 

The main goal is to team to hide the actual local host name and use only the DNS alias for all communication. 

New NS
Local hostname: SMP01main.corp.com
DNS alias: smc.corp.com

When the customer tries to modify the Agent Communication Profile to use smc.corp.com for HTTPS, the SMP modifies it after he saves the changes. It always adds the local hostname back in with the DNS alias separated by a semicolon.

Also, the "Current profile is linked to 'SMP01main.corp.com' NS Server" always shows the local host name where it shows the DNS alias on his old NS. The option to unlink or modify it seems to be grayed out and does not do anything when clicked.

Resolution

This use case has been reported to Symantec Development team for consideration.

We did not consider such scenario when user will want to hide available NS host name. Rather we tried to make default profile to be resistant to user errors (to hold detected configuration in place always).

In this scenario, the customer does not need to remove/unlink or whatever default NS profile. The default NS profile just has embedded “default URL” that is stored in httpdefFQDN  attribute and you can’t remove it using console UI. As you save changes, it just takes this default URL and forcefully inserts it in profile back. Other UI places where URL needs to be show just take first URL from profile and build http://url/altiris using it.
So the current solution is (besides changing the current behavior in the SMP Console ) to change XML manually, what can be a bit tricky.
The suggestion is as follow: 

As on field fix, profile item state XML can be modified manually to get rid of saved local host names. Just remove them from:
httpdefFQDN="SMP01main.corp.com:80"
httpsdefFQDN="SMP01main.corp.com:443"

make it look as:
httpdefFQDN=" "
httpsdefFQDN=" "

After that customer will be able to specify what he wants as URL and that URL will be shown in UI.
“Unlink” has no relation to URLs, it just security bind to NS for HTTP registrations, as tooltip says.