Dell Unity: After an OE upgrade or SP reboots, the custom security banner no longer shows up in the CLI (Dell Correctable)
Summary: An issue was found where a custom banner was no longer present when logging into Unity CLI or external uemcli. This happened after recent Dell Unity OE upgrades from 5.1.2. or 5.2.0 through 5.2.1.x. The custom security banner was showing up correctly in Unisphere at login. Every time an SP reboots or there is an OE upgrade and both SPs reboot in controlled sequence, the issue was observed. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
The problem was attempted to be resolved by adding the banner again using the svc_banner command process. It was not successful. This is found on page 9 and 10 of the "Dell Unity™ Family Service Commands Technical Notes" documentation. This was not successful.
The following link shows the custom banner process.
https://www.dell.com/support/manuals/en-us/unity-350f/unity_p_svc_cmd_tech_notes/apply-custom-log-on-banners-svc_banner?guid=guid-5a9eeff7-23e6-49a8-8053-03eec9f02aff&lang=en-us
The problem is observed when:
The following link shows the custom banner process.
https://www.dell.com/support/manuals/en-us/unity-350f/unity_p_svc_cmd_tech_notes/apply-custom-log-on-banners-svc_banner?guid=guid-5a9eeff7-23e6-49a8-8053-03eec9f02aff&lang=en-us
The problem is observed when:
- The SPs are individually rebooted.
- Both SPs reboot as part of an OE upgrade with OE 5.1.x and higher
Cause
Dell engineering is working on a permanent fix for this issue which will be released in a future OE code update.
Resolution
Engineering determined there is a workaround which can be used until a full fix which is being added in a future OE code. There is no timeline for the permanent fix yet.
The following command must be issued to each SP after every SP reboot or code upgrade. This pulls the previously stored banner from nonvolatile memory in the SP.
Workaround:
To get to the peer SP from the primary SP use: ssh peer
To get back to the primary SP type: exit
Note: This command could be added to any custom SP reboot scripts that a customer uses so the banner is automatically reloaded.
The following command must be issued to each SP after every SP reboot or code upgrade. This pulls the previously stored banner from nonvolatile memory in the SP.
Workaround:
svc_banner -a
Example output: 01:40:30 service@Unity500-R14 spa:~/user# svc_banner -a INFO: checking system state ... (spa) INFO: checking system state ... (spb) INFO: Banner activated! (spb) INFO: operation successful (spb)! INFO: Banner activated! (spa) INFO: operation successful (spa)!Once the banner is repopulated from nonvolatile SP memory and enabled, it can be checked using:
svc_banner --dumpCan use the same command to verify on the peer SP
To get to the peer SP from the primary SP use: ssh peer
To get back to the primary SP type: exit
Note: This command could be added to any custom SP reboot scripts that a customer uses so the banner is automatically reloaded.
Affected Products
Dell EMC UnityArticle Properties
Article Number: 000211513
Article Type: Solution
Last Modified: 29 Mar 2023
Version: 1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.