CA Directory - DSA out of sync
Article ID: 9559
Updated On:
Products
Issue/Introduction
A DSA may fail to start. The error in the DSA's warning log may show the following error:
"DSA is attempting to start after a long outage, perform a recovery procedure before starting"
Environment
PRODUCT: Symantec Directory
VERSION: 14.x
OPERATING SYSTEM: Any
Cause
This behavior will occur under the following conditions:
1) The DSA is configured with Multi-Write DISP and replicating with other DSA's
AND
2) The DSA was offline for a significant period of time (~7 days)
OR
2b) The multi-write queue was purged.
This is default behavior and is expected under these conditions.
Resolution
Recovering a DSA Involved in Multi-Write Disp
Notes about the instructions:
- CADir1 is the hostname of CA Directory Server, which is OK
- CADir2 is the hostname of CA Directory Server, which is out of sync
- CADir3 is the hostname of CA Directory Server, which is OK
1) On CADir1 machine (where the dxserver "<DSAName-on-CADir1>" is running) run the command:
dxdisp <DSAName-on-CADir2>
2) On CADir3 machine (where the dxserver "<DSAName-on-CADir3>" is running) run the command:
dxdisp <DSAName-on-CADir2>
3) Backup the data from the good DSA ( for example, <DSAName-on-CADir1>)
dxserver onlinebackup <DSA Name>
NOTES: Backup operation may take a while.
Monitor the DSA's warning log (<DSA name>_warn_<date>.log) for the following message:
WARN : Dump completed, X fragments
4) Make sure the DSA with the problem (<DSAName-on-CADir2>) is stopped
dxserver stop <DSAName-on-CADir2>
5) Delete, Rename, or Move all the files associated with the DSA that is failing to start
<Install_Dir>/CA/Directory/dxserver/data/<DSAName-on-CADir2>.db
<Install_Dir>/CA/Directory/dxserver/data/<DSAName-on-CADir2>.tx
<Install_Dir>/CA/Directory/dxserver/data/<DSAName-on-CADir2>.dp
<Install_Dir>/CA/Directory/dxserver/data/<DSAName-on-CADir2>.dx
6) Copy the ".zdb" file FROM <Install_Dir>/CA/Directory/dxserver/data/<DSAName-on-CADir1>.zdb) on CADir1 machine TO "<Install_Dir>/CA/Directory/dxserver/data/" on the server where the DSA won't start (CADir2)
NOTE: Do not copy the .TX, .DP, or .DX files, copy the <DSAName-on-CADir1>.zdb ONLY
7) Rename <DSAName-on-CADir1>.zdb file to the name of the DSA that won't start
EXAMPLE: <DSAName-on-CADir1>.zdb to <DSAName-on-CADir2>.db
8) On the CADir2 machine run the commands:
dxdisp <DSAName-on-CADir1>
dxdisp <DSAName-on-CADir3>
9) Start the <DSAName-on-CADir2>:
dxserver start <DSAName-on-CADir2>
10) ** OPTIONAL: Restart the <DSAName-on-CADir1> and/or CADir3 (If Required)
dxserver stop <DSAName-on-CADir1>
dxserver start <DSAName-on-CADir1>
** In case <DSAName-on-CADir2> DSA was down for a long period of time it may be required to restart the <DSAName-on-CADir1> and/or <DSAName-on-CADir3> when you have these messages in the <DSAName-on-CADir1> and/or <DSAName-on-CADir3> logs:
----------------------------------
* [5] 20160919.112602.056 DSA_W2680 Multiwrite queue (<DSAName-on-CADir2>) greater than 100% full
* [5] 20160919.112602.065 DSA_E2760 Multiwrite: Operation disabled for DSA <DSAName-on-CADir2>
----------------------------------
After restart, the <DSAName-on-CADir1> will reconnect to <DSAName-on-CADir2> and start MW replication.
Additional Information
Symantec Directory: Backing Up Data
Symantec Directory : Data Replication and Recovery Best Practice
===========
Windows: Execute commands as Administrator.
Linux: Execute commands as "dsa" user.
In case of vApp (Identity Suite Virtual Appliance) open ssh session as "config" user and change to "dsa" user using
su - dsa
Feedback
