Nothing is synchronizing with the DMS
search cancel

Nothing is synchronizing with the DMS

book

Article ID: 44395

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM) CA Privileged Access Manager (PAM)

Issue/Introduction

Policies are written and uploaded to the ENTM UI and appear to have been completed and pushed to the endpoint. However, the endpoints do not receive them and the amount of messages pending the DH__ are quite high. This may also cause the main DMS and DH to become somewhat sluggish (depending on configuration).

 

Environment

CA PIM 12.8.X, 12.9.X, 14.X and PAM SC 14.1.X

Cause

One of the causes of this, which is covered in this techdoc is that the DSs are unaware they are a DH and are looking to themselves for updates which will never be received

Resolution

This can be seen when on the 'DS > selang > so list ' Here it will list isDH to which it should be 'yes' as all distribution servers should have a DH and no DMS. You need to run 'so is_dh+' as this command will let the DS know it is a DH and should look for policies as well as push policies. 

The result of sepmd -L DMS__ on the primary ENTM may also list that the ac_server_to_server_broadcast is out of sync. You would then run the below commands to unsubscribe the DMS from the message queue and re-subscribe which should start pushing out the policies.

sepmd -u DMS__ "Topic: ac_server_to_server_broadcast (DH)"
sepmd -smq DMS__ -predefined ServerToServerBroadcast -destination DH
dmsmgr -sync self        on each DH.
Powered by Wolken Software