Data Protection Advisor: When Exporting Database Receive Message "Unable to backup the Application server lockbox file"
Summary: Getting a message at the end of a DPA database export "[WARNING] Unable to backup the Application server lockbox file."
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
A database export is deemed a valid backup of the Data Protection Advisor (DPA) datastore.
To run:
To run:
- Windows:
<DPA install dir>\dpa\services\bin> dpa datastore export --debug
- Linux:
<DPA install dir>/dpa/services/bin> ./dpa.sh datastore export --debugA warning message appears upon completion of a database export. The warning is either output to the screen if debug command is used, or is seen in datastore.log
[DEBUG] Successfully backed up the Datastore lockbox file at: /opt/emc/dpa/dpa_backup/datastore-19_9_0_64-2023-12-04-2029/ds-lockbox-19_9_0_64-2023-12-04-2030.lb [DEBUG] Successfully backed up the Lockbox configuration file at: /opt/emc/dpa/dpa_backup/datastore-19_9_0_64-2023-12-04-2029/lockbox-config-19_9_0_64-2023-12-04-2030.lb [WARNING] Unable to backup the Application server lockbox file ,Please back it up along with DataStore Export to ensure Application Server lockbox is available post replication or disaster recovery.
Cause
The warning is not an issue.
The lockbox files on the datastore are automatically backed up when exporting a database. The above warning is a reminder that the backup must be done on the application server. This is a new recommendation in more recent code versions for precautionary measures.
The lockbox files on the datastore are automatically backed up when exporting a database. The above warning is a reminder that the backup must be done on the application server. This is a new recommendation in more recent code versions for precautionary measures.
Resolution
As per the Admin Guide:
A lockbox is a mechanism by which sensitive data, for example, pass phrases, configuration keys, and so on, is encrypted and stored. This mechanism provides a stronger level of security for important data.
In DPA, a lockbox is essentially a collection of files where an encryption key, which is used for encrypting sensitive data is stored. The lockbox file containing the encryption key is secured with a password, which is encrypted and stored inside the file called lockbox.conf.
DPA has three lockbox-related files that are on the DPA application server. The files are:
/opt/emc/dpa/services/executive/application.lb /opt/emc/dpa/services/executive/application.lb.FCD /opt/emc/dpa/services/executive/lockbox.confThese files are created during DPA installation, and the encryption keys are randomly generated every time that they are created. These files are not modified during upgrades.
Affected Products
Data Protection AdvisorArticle Properties
Article Number: 000220244
Article Type: Solution
Last Modified: 15 Dec 2023
Version: 2
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.