Data Protection Advisor:导出数据库时收到消息“Unable to backup the Application server lockbox file”

Summary: 在 DPA 数据库导出结束时收到一条消息“[WARNING] Unable to backup the Application server lockbox file.”

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

数据库导出被视为 Data Protection Advisor (DPA) 数据存储区的有效备份。

要运行:
  • Windows: 
<DPA install dir>\dpa\services\bin> dpa datastore export --debug
  • Linux:  
<DPA install dir>/dpa/services/bin> ./dpa.sh datastore export --debug
完成数据库导出后,将显示一条警告消息。如果使用调试命令,则警告是输出到屏幕,或者在 datastore.log 中看到 
[DEBUG] Successfully backed up the Datastore lockbox file at: /opt/emc/dpa/dpa_backup/datastore-19_9_0_64-2023-12-04-2029/ds-lockbox-19_9_0_64-2023-12-04-2030.lb

[DEBUG] Successfully backed up the Lockbox configuration file at: /opt/emc/dpa/dpa_backup/datastore-19_9_0_64-2023-12-04-2029/lockbox-config-19_9_0_64-2023-12-04-2030.lb

[WARNING] Unable to backup the Application server lockbox file ,Please back it up along with DataStore Export to ensure Application Server lockbox is available post replication or disaster recovery.

Cause

警告不是问题。

导出数据库时,将自动备份数据存储区上的密码箱文件。上述警告提醒您,必须在应用程序服务器上完成备份。这是最新代码版本中针对预防措施的新建议。

Resolution

根据《管理员指南》 :

密码箱是一种加密和存储敏感数据(例如密码、配置密钥等)的机制。此机制可为重要数据提供更高级别的安全性。

在 DPA 中,密码箱本质上是用于加密敏感数据的加密密钥的文件集合。包含加密密钥的密码箱文件使用密码进行保护,密码加密并存储在名为 lockbox.conf 的文件中。

DPA 有三个与密码箱相关的文件位于 DPA 应用程序服务器上。这些文件包括: 
/opt/emc/dpa/services/executive/application.lb

/opt/emc/dpa/services/executive/application.lb.FCD

/opt/emc/dpa/services/executive/lockbox.conf
这些文件是在 DPA 安装期间创建的,并且每次创建加密密钥时都会随机生成这些密钥。这些文件在升级期间不会修改。

Affected Products

Data Protection Advisor
Article Properties
Article Number: 000220244
Article Type: Solution
Last Modified: 15 Dec 2023
Version:  2
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.