PowerProtect Data Manager 19.11 Cyber Recovery User Guide

PDF

Troubleshooting suggestions

The following table lists possible Cyber Recovery problems and suggested remedies.

Table 1. Troubleshooting suggestions
If you cannot Do the following
Install the Cyber Recovery software
  • Ensure that the crsetup.sh --check script verifies all prerequisites before continuing.
  • Ensure that you are using a stable version of Docker.
  • Set Docker to start on reboot with the systemctl enable docker command.
  • Find the crsetup.sh logs in the directory from which you run crsetup.sh.
  • If your system has an active firewall, ensure that the following ports are open on the firewall:
    • 14777 (for Cyber Recovery UI)
    • 14778 (for the Cyber Recovery REST API)
    • 14779 (for the Cyber Recovery Registry - local management host access)
    • 14780 (for the Cyber Recovery API Documentation)
Log in to the Cyber Recovery UI
  • Check the edge and users service logs.
  • Ensure that your DNS settings are resolvable.
  • If your system has an active firewall, ensure that the following ports are open on the firewall:
    • 14777 (for Cyber Recovery UI)
    • 14778 (for the Cyber Recovery REST API)
    • 14779 (for the Cyber Recovery Registry - local management host access)
    • 14780 (for the Cyber Recovery API Documentation)
Start the Cyber Recovery software after a reboot due to an unlabeled context type and custom policies. In an SELinux environment, if the Cyber Recovery software does not start after a reboot due to unlabeled context type and custom policies, do the following:
  1. Assuming that the Cyber Recovery software is installed in /opt/dellemc/cr, change the SElinux context, as shown in the following example: 
    chcon -u system_u -t bin_t /opt/dellemc/cr/bin/cradmin
chcon -u system_u -t bin_t /opt/dellemc/cr/bin/crcli
chcon -u system_u -t bin_t /opt/dellemc/cr/bin/crsetup.sh
chcon -u system_u -t bin_t /opt/dellemc/cr/bin/crshutil
chcon -u system_u -t bin_t /opt/dellemc/cr/bin/crsshutil
  2. Reboot the system.
The following is an example of the SElinux context: 
root@hostname $ ls -Z /opt/dellemc/cr/bin/
-rwxr-----. root root system_u:object_r:bin_t:s0       cradmin
-rwxr-----. root root system_u:object_r:bin_t:s0       crcli
-rwxr-----. root root system_u:object_r:bin_t:s0       crsetup.sh
-rwxr-----. root root system_u:object_r:bin_t:s0       crshutil
-rwxr-----. root root system_u:object_r:bin_t:s0       crsshutil
Enable multifactor authentication Because multifactor authentication is a time-based security mechanism, the Cyber Recovery host time cannot differ from the authenticator time by more (plus or minus) than one minute. If the time differs by more than +60 seconds or -60 seconds, multifactor authentication is not enabled. Set the Cyber Recovery host time so that it differs no more than a minute (plus or minus) from the authenticator time.
NOTE If you modify the Cyber Recovery host time, stop and then restart the Cyber Recovery services.
To avoid this scenario, internal NTP configuration is recommended.
(For crso only) Log in because multifactor authentication is enabled and you are unable to provide the security code As the crso, type crsetup.sh --changepassword or crsetup.sh -w to change the crso password and disable multifactor authentication. Enable multifactor authentication again after you log in.
Change the application type Delete the application and then add a new application and choose the appropriate application type.
Run a job Check the schedules, policies, or mgmtdds service logs.
Complete a successful Sync job If the DD system on the Cyber Recovery vault exceeds the space usage threshold, clean up the DD system to reclaim space. Then, restart the Sync job.
Receive alert email messages
  • If your system has an active firewall, ensure that port 25 is open on the firewall.
  • Verify your Postfix or email configuration and check that you added the email for alert notifications.
Secure the Cyber Recovery vault Check the vault service logs.
Recover or analyze Check the apps, mgmtdds, and policies service logs.
Run a subsequent Analyze job after performing a DR backup while running an Analyze job Wait for the currently running Analyze job to finish, delete the stale sandboxes, and then run the Analyze job again.
NOTE When you perform a DR backup while an Analyze job is running, the Cyber Recovery software marks the Analyze job as critical even though it is still running.
Run a policy, sandbox, or recovery due to mount errors from the DD system Ensure that the NFSv4 and NFSv3 settings on the DD system are configured to run NFS operations:
  1. From the DD UI, got to Protocols > NFSand then click Options.
  2. To run an NFSv3 server only, ensure that the values for the Default Export Version and Default Servers Version fields are set to NFSv3.
  3. To run an NFSv4 server only, ensure that the values for the Default Export Version and Default Servers Version fields are set to NFSv4 and the NFSv4 ID Map Out Numeric field is set to always.
  4. To run both an NFSv3 and NFSv4 server, ensure that the values for the Default Export Version and Default Servers Version fields are set to NFSv3 and NFSv4 and the NFSv4 ID Map Out Numeric field is set to always.
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\