cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

VxSS / NBAC configration - Socket read/write failure

Go to solution
Storage_yoda
Level 4

‎01-13-2009 08:09 AM

Hi there

 

I have a pre-existing NBU 6.5.3 environment which works fine, there is one master server Master1 and 2 media servers Media1 and Media2.

 

They are all running on 64 bit Windows 2003

 

Witha few issues I have implemented VxSS and carried out the configuration as per the Security and Encryption guide.

 

The Master server is configured and is accessible with Vxss running.

 

However when I try to access the media servers from within the NBU Admin console they show error 23 Socket read failed or error 24 socket write failed. From this I am assuming that (yet again!!) there is some sort of resolution error. (we have had a number of problems in the past on thes development environment where NBU has had trouble resolving short names, in some cases this was our network fault!! - It is exceptionally picky!!)

 

I have uninstalled and reinstalled all the software on the Master server (which is acting as the Authentication server and the Authorization server) and the client software on the media servers.

 

I have set up the access control within NBU in line with the examples from the documentation

 

------------------------

 

Networks:

 

Master1.dev.local

Master1.dev

.dev.local

.dev

 

Authenication domain is set up as

 

Domains

 

dev.local

dev

Master1.dev.local

Master1.dev

 

Authentication Mechanism = WINDOWS

 

Broker = Master1

 

 

Authentication Service

 

Master1

 

---------------------

 

I have run the validation tests as suggested in the documentation and all are successful:

 

C:\Program Files\Veritas\NetBackup\bin>bpnbat -showmachines
media1.dev.local
Master1.dev.local
media2.dev.local
Operation completed successfully.

 

C:\Program Files\Veritas\NetBackup\bin>bpnbat -whoami -cf "c:\program files\veritas\netbackup\var\vxss\credentials\Master1.dev.local"
Name: Master1.dev.local
Domain: NBU_Machines@Master1.dev.local
Issued by: /CN=broker/OU=root@Master1.dev.local/O=vx
Expiry Date: Jan 13 11:18:04 2010 GMT
Authentication method: Symantec Private Domain

Operation completed successfully.

 

C:\Program Files\Veritas\NetBackup\bin>bpnbat -whoami -cf "c:\program files\veritas\netbackup\var\vxss\credentials\media1.dev.local"
Name: media1.dev.local
Domain: NBU_Machines@Master1.dev.local
Issued by: /CN=broker/OU=root@Master1.dev.local/O=vx
Expiry Date: Jan 13 12:14:00 2010 GMT
Authentication method: Symantec Private Domain

Operation completed successfully.

 

C:\Program Files\Veritas\NetBackup\bin>bpnbat -whoami -cf "c:\program files\veritas\netbackup\var\vxss\credentials\media2.dev.local"
Name: media2.dev.local
Domain: NBU_Machines@Master1.dev.local
Issued by: /CN=broker/OU=root@Master1.dev.local/O=vx
Expiry Date: Jan 13 12:17:10 2010 GMT
Authentication method: Symantec Private Domain

Operation completed successfully.

 

C:\Program Files\Veritas\NetBackup\bin>bpnbat -showmachines
media1.dev.local
Master1.dev.local
media2.dev.local
Operation completed successfully.

 

C:\Program Files\Veritas\NetBackup\bin>bpnbat -login
Authentication Broker: Master1
Authentication port [0 is default]:
Authentication type (NIS, NISPLUS, WINDOWS, vx, unixpwd): WINDOWS
Domain: dev.local
Login Name: adminuser
Password: **********
Operation completed successfully.

 

C:\Program Files\Veritas\NetBackup\bin>cd admincmd

 

C:\Program Files\Veritas\NetBackup\bin\admincmd>bpnbaz -showauthorizers
==========
Type: User
Domain Type: vx
Domain:NBU_Machines@Master1.dev.local
Name: Master1.dev.local

==========
Type: User
Domain Type: vx
Domain:NBU_Machines@Master1.dev.local
Name: media1.dev.local

==========
Type: User
Domain Type: vx
Domain:NBU_Machines@Master1.dev.local
Name: media2.dev.local

Operation completed successfully.

 

C:\Program Files\Veritas\NetBackup\bin\admincmd>bpnbaz -listgroups
NBU_User
NBU_Operator
NBU_Admin
NBU_Security Admin
Vault_Operator
NBU_SAN Admin
NBU_KMS Admin
Operation completed successfully.

 

C:\Program Files\Veritas\NetBackup\bin\admincmd>bpnbaz -listgroups -credfile "c:
\program files\veritas\netbackup\var\vxss\credentials\media2.dev.local"
NBU_User
NBU_Operator
NBU_Admin
NBU_Security Admin
Vault_Operator
NBU_SAN Admin
NBU_KMS Admin
Operation completed successfully.

 

C:\Program Files\Veritas\NetBackup\bin\admincmd>bpnbaz -listgroups -credfile "c:
\program files\veritas\netbackup\var\vxss\credentials\media1.dev.local"
NBU_User
NBU_Operator
NBU_Admin
NBU_Security Admin
Vault_Operator
NBU_SAN Admin
NBU_KMS Admin
Operation completed successfully.

 

Any ideas as to where I am going wrong and how to resolve the socket errors?

 

 

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Storage_yoda
Level 4

‎01-14-2009 07:48 AM

With some help from Symenatec support it turns out the key to my problem was that bpnbat -loginmachine needs to be run on each machine to log it in from the machine. I had run all 3 loginmachine on the Master server.

 

Fundamentally I did the following:

 

  1. Removed the un needed credentials from the master server
  2. Run bpnbat –loginmachine on the media servers media1 and media2
(at this point the media servers became accessible!) 
  1. Tidied up the access control properties as suggested by support (I had added abroad range of options to try and fix what appeared to be a resolution issue)
  2. restarted the services to make sure all was tidy
 All seems OK and I can run jobs related to these 3 hosts (I can backup the master server to disk on a media server)

 

View solution in original post

0 Kudos
1 REPLY 1

Go to solution
Storage_yoda
Level 4

‎01-14-2009 07:48 AM

With some help from Symenatec support it turns out the key to my problem was that bpnbat -loginmachine needs to be run on each machine to log it in from the machine. I had run all 3 loginmachine on the Master server.

 

Fundamentally I did the following:

 

  1. Removed the un needed credentials from the master server
  2. Run bpnbat –loginmachine on the media servers media1 and media2
(at this point the media servers became accessible!) 
  1. Tidied up the access control properties as suggested by support (I had added abroad range of options to try and fix what appeared to be a resolution issue)
  2. restarted the services to make sure all was tidy
 All seems OK and I can run jobs related to these 3 hosts (I can backup the master server to disk on a media server)

 

0 Kudos