Management Console shows all conflicts after individual reboot while in the cluster.
search cancel

Management Console shows all conflicts after individual reboot while in the cluster.

book

Article ID: 264423

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

In our Test environment 4.1.1 the cluster in MC shows a lot of errors. Same issue in production which is ver. 4.1.0. This is observed after nodes are rebooted while the cluster is active, e.g. when applying a hotfix that requires a reboot.

Some nodes are listed twice, once with Site Type Standalone and a second time with Site Type Primary or Secondary, depending on which site they are in. We also see multiple nodes listed as Aggregators, and nodes that are not shown as Aggregators are missing disk and version information, and show the replication status as Unknown.

 

Environment

Release : 4.1-4.1.2

Cause

Communication with the management console is handled by a dedicated task in the credential manager tomcat process. That task could fail to initialize successfully on reboot, if other services on the PAM appliance are slow to start up. This can lead to inconsistent data sent to the MC, or failures to send new data, depending on which nodes (Aggregator or not) get rebooted when, while the cluster is active.

Resolution

The problem was fixed as DE559581 in the 4.1.3 release. If you need a fix at an affected release, please open a case with PAM Support

Additional Information

Resolved Issues in 4.1.3: https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/4-1-5/release-information/resolved-issues-in-earlier-4-x-releases/Resolved-Issues-in-4-1-3.html