Trying to deploy policy from PIM 14.0 Server to PAMSC 14.1 Endpoint
But we have problems to deploy Policy :
Here is the message in policyfetcher.log :
10:37:13 AM@Feb 26 2020 - executing deployment "1582709544#09bc559b-5cde-490e-88fd-421d3e60629d"10:37:13 AM@Feb 26 2020 - ERROR: command "deploy POLICY ("TEST#01") deployment("1582709544#09bc559b-5cde-490e-88fd-421d3e60629d")" returned failures, rv = 36880
10:37:13 AM@Feb 26 2020 - LCA returned ((localhost)
WARNING: Signature of policy: TEST#01 is invalid. The policy cannot be deployed.
Successfully updated HNODE __local__
Policy TEST#01 was successfully deployed.
)
10:37:13 AM@Feb 26 2020 - policy status for "TEST#01" is SigFailed
10:37:13 AM@Feb 26 2020 - deployment status for "1582709544#09bc559b-5cde-490e-88fd-421d3e60629d" is SigFailed
10:37:13 AM@Feb 26 2020 - updating status of DEPLOYMENT "1582709544#09bc559b-5cde-490e-88fd-421d3e60629d"
And if we try to redeploy the policy :
10:41:23 AM@Feb 26 2020 - Deleting local RULESET "TEST#01" - has different signature than DH
10:41:23 AM@Feb 26 2020 - creating RULESET "TEST#01"...
10:41:23 AM@Feb 26 2020 - Deleting local POLICY "TEST#01" - has different signature than DH
10:41:23 AM@Feb 26 2020 - ERROR: command "rmres POLICY ("TEST#01") noexit" returned failures, rv = 36882
10:41:23 AM@Feb 26 2020 - LCA returned ((localhost)
WARNING: The policy: TEST#01 is deployed. The policy cannot be deleted.
ERROR: Failed to fetch data for Object 515
)
10:41:23 AM@Feb 26 2020 - creating POLICY "TEST#01"...
10:41:23 AM@Feb 26 2020 - ERROR: command "newres POLICY ("TEST#01")" returned failures, rv = 10028
10:41:23 AM@Feb 26 2020 - LCA returned ((localhost)
ERROR: Failed to create POLICY TEST#01
Already exists
)
10:41:23 AM@Feb 26 2020 - failed to store DEPLOYMENT "1582709968#49bcdf5c-f734-4a96-b2f5-540a99f1f21c"
If I check the signature :
- in the EM DMS__
AC> sr policy TEST#01 useprops(SIGNATURE)
(DMS__@localhost)
Data for POLICY 'TEST#01'
-----------------------------------------------------------
Signature : 4548D334033F70C465FF53E891EFD50F5695111B
AC>
- on the local server database
PAMSC> sr policy TEST#01 useprops(SIGNATURE)
(localhost)
Data for POLICY 'TEST#01'
-----------------------------------------------------------
Signature : 748821A0AE985A9A7E50DBE754E42454B12A696F5C5015A8EFB9B8D5283C1A326AA44E60A3EE4F89ED345A262FF501171E05D3A6B72FACF885791A7C5DB26778000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
PAMSC>
How to avoid this problem ?
Release : 14.0
Component : CA ControlMinder
and endpoint PAM Server Control 14.1
WE provided a new fix to customer tha solve the problem
acpatch-DE449723-14.10.0.1330-_LINUX_X64.zip.
Should be included in last versions.