Unsolved
This post is more than 5 years old
1 Rookie
•
116 Posts
0
2002
February 21st, 2014 08:00
NW Authentication Query
Hi All,
I'm seeing my daemon log get flooded with authentication warnings. I am deploying a new NW811 data zone for oracle archive log backups only . The bkup jobs are pushed from the oracle client side.
The messages in the Daemon log are:
93452 2/19/2014 2:55:34 PM 2 1 108 15176 14796 0 nsrexecd SYSTEM
warning Unable to authenticate svcgrid/ @(none): Unable to read request from ' ' for a GSS authentication status update: Unknown error
The NW client version running on the oracle server is NW 7.4.5. (I have a lot of clients to migrate and most running v7.4.x or v7.6.x client versions. It's not really feasible in the near term to get all these clients to NW8.1.1)
The authmethods on the Oracle client are "0.0.0.0/0,nsrauth/oldauth"
My questions are:
Would the flooding of the daemon log stop if I were to change the authmethod to use oldauth first on the oracle client?
Or maybe deleting the peer information for any clients migrated to this new Nw811 datazone?
Would this issue be resolved by the upgrading to NW8.1.1 client ?
(I know I could try these steps but I'm hindered by the fact that these servers are in production and testing using these boxes isn't advisable )
Or of course I could be on the wrong track altogether and if so I'd be appreciative of any advice
Tks,
Liam
0 events found
ble1
6 Operator
•
14.4K Posts
•
56.2K Points
0
February 22nd, 2014 03:00
Running 7.4 client against 8.1.1 server isn't advisable
I doubt this is nsr peer issue - more likely this is NMO versus new server issue (you run NMO I assume). If running NMDA, I would not guess anything before having client on NW8.1.x level and running NMDA 1.5 (unless you have Oracle 10 - then 1.2 is your friend). As for auth, I keep that one disabled all the time (both backup server/sn and clients). 8.1.1 has pretty much different auth mechanism than previous versions (including NW 8.0.x) so anything goes here. I can't see why updating clients is such big issue for you - by updating server you already affect ALL your clients
lguinane
1 Rookie
•
116 Posts
0
February 24th, 2014 03:00
Thanks Hrvoje.
Our change control process is very rigid and getting changes made (no matter how minor) on production boxes is a time consuming affair.
Could I ask, how do you disable auth ?
crazyrov
6 Operator
•
1.3K Posts
0
February 24th, 2014 03:00
You can attain this using nsradmin. Follow the steps below.
nsradmin -p nsrexecd
nsradmin> . type: nsrla
nsramdin> update auth methods: "0.0.0.0/0,oldauth"
lguinane
1 Rookie
•
116 Posts
0
February 24th, 2014 03:00
Never mind Hrvoje.
I found how to disable auth.