PowerEdge: SEC0704 "authentication check" failure at service start with iDRAC Service Module on Linux

Summary: iDRAC Service Module (iSM) 5.2.0 and earlier on any supported Linux version fails to start its service with a SEC0704 error logged if the install path of its binaries contains a symlink to a different path. Alternative install paths are not accepted by iSM’s own binary verification system. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

The following error may be recorded in the main Linux system log after the iSM service "dcismeng.service" fails to start:

SEC0704: The authentication check operation performed by iSM has failed for the following module or application because either the Binary Load path is incorrect or the binary or configuration file is tampered, replaced, or untrusted : Faulting application: "dsm_ism_srvmgrd"

Cause

iSM checks its own integrity of its binaries before its service continues to start. This integrity authentication check includes the actual hard path of where the binary is installed within the /opt/ partition only. If /opt contains a symlink to a different location such as another drive containing more storage the check fails to start iSM.

Resolution

This is working as designed. iSM expects to install its files in the absolute /opt partition path. Instead of using symlinks it is recommended to mount a different drive/partition to the /opt path instead.

Affected Products

iDRAC Service Module, iDRAC Service Module 5.x

Products

Red Hat Enterprise Linux Version 9, Red Hat Enterprise Linux Version 8, SUSE Linux Enterprise Server 15, Ubuntu Server LTS
Article Properties
Article Number: 000215413
Article Type: Solution
Last Modified: 09 Jan 2025
Version:  4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.