I am under impression that you are using NetWorker 9.x family if so the NMC Authentication is handled by the AuthC server, and AuthC installed by default with NetWorker Server binaries in Windows, in Linux you cannot install NetWorker Server without AuthC as well.
As a result, both the NetWorker Server is having AuthC installed and running, so the when you have a single dedicated NMC to handle authentication it is not known which AuthC will handle the authentication request, so this issue is happening.
ISSUE:
1. Customer is having two Networker servers one in location A named nw1 and another in B location named nw2. He wants to setup a dedicated NMC server NMCsvr on another server to monitor/operate the two networker servers nw1 and nw2. 2. Customer runs the following command on both the Networker servers nsrauthtrust -H nwserver_name -P 9090
But after doing step 2 he is only able to manage one Networker server at any point in time. He gets the pop up saying failed to authenticate security token.
RESOLUTION:
Customer first needs to decide one Networker server which will act as the Networker Authentication Service host. In our case we choose nw1 as the Networker Authentication Server host
The issue was that - Server nw2 does not trust (and does not know how to decode) the token issued by the server nw1. - So on the server nw2 they need to run nsrauthtrust -H nw1 -P 9090. Then the token issued to NMC by logging in to authc on nw1 will be trusted and readable by nsrd on nw2.
After that we need to use the nsraddadmin command to grant the NetWorker Authentication Service user groups access to the NetWorker server.
Deb_PS
156 Posts
2
August 30th, 2018 05:00
I am under impression that you are using NetWorker 9.x family if so the NMC Authentication is handled by the AuthC server, and AuthC installed by default with NetWorker Server binaries in Windows, in Linux you cannot install NetWorker Server without AuthC as well.
As a result, both the NetWorker Server is having AuthC installed and running, so the when you have a single dedicated NMC to handle authentication it is not known which AuthC will handle the authentication request, so this issue is happening.
1. Customer is having two Networker servers one in location A named nw1 and another in B location named nw2. He wants to setup a dedicated NMC server NMCsvr on another server to monitor/operate the two networker servers nw1 and nw2.
2. Customer runs the following command on both the Networker servers
nsrauthtrust -H nwserver_name -P 9090
But after doing step 2 he is only able to manage one Networker server at any point in time. He gets the pop up saying failed to authenticate security token.
RESOLUTION:
Customer first needs to decide one Networker server which will act as the Networker Authentication Service host. In our case we choose nw1 as the Networker Authentication Server host
The issue was that
- Server nw2 does not trust (and does not know how to decode) the token issued by the server nw1.
- So on the server nw2 they need to run nsrauthtrust -H nw1 -P 9090. Then the token issued to NMC by logging in to authc on nw1 will be trusted and readable by nsrd on nw2.
After that we need to use the nsraddadmin command to grant the NetWorker Authentication Service user groups access to the NetWorker server.
nsraddadmin -H Authentication_service_host -P Authentication_service_port_number
In our case nw1 is the Authentication service host and the command should look like
nsraddadmin -H nw1 -P 9090