This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.
TrueSight Capacity Optimization
TSCO 11.3.01 and TSPS 11.3.01
After an upgrade to TrueSight Capacity Optimization (TSCO) 126.96.36.199 the registration of the TSCO Server in the in TrueSight Presentation Server (TSPS) GUI fails.
If this error occurs with TSCO 11.0.x, and TSPS was updated to version 11.3.01 or higher update to a supported TSCO version
An error generic message is displayed in the TSCO primary scheduler:
ERROR [taskid=19]- Error detected while extracting status from Service 'TrueSight Presentation Server' (id: 9) installed on host "TSCOserverHostName" INFO [taskid=19]- Component status of TrueSight Presentation Server (id: 9) installed on host "TSCOserverHostNamet" has been updated to ERROR
In TSPS GUI,when try to add TSCO component there is registration error:
INFO 05/24 14:57:14.283 [ComponentMgmt_1] c.b.t.p.e.c.m.t.ComponentManagementTask Update of component [TSCOserverHostName] failed : Error retrieving client certificate from Capacity Optimization: 403 INFO 05/24 14:57:14.288 [ComponentMgmt_1] c.b.t.p.e.c.m.t.ComponentManagementTask Performing get for : TSCOserverHostName INFO 05/24 14:57:26.499 [ComponentPing_1] c.b.t.p.e.c.m.t.ComponentManagementPingTask heartbeat for component [ hostname.domain.com, status : REGISTRATION_ERROR, Id : 9 ] is failed
The TSPS coRest log shows:
DEBUG 05/24 14:46:26.476 [ComponentPing_1] coRest Co Component is not well configured REGISTRATION_ERROR DEBUG 05/24 14:46:54.708 [ComponentMgmt_8] coRest updateNotification INFO 05/24 14:46:54.708 [ComponentMgmt_8] coRest Retrieve CO configuration ComponentConfiguration [hostname=TSCOserverHostName, protocol=HTTP, port=8280, username=null] DEBUG 05/24 14:46:54.708 [ComponentMgmt_8] coRest Start processing call GET HTTP://TSCOserverHostName:8280/dh-services/controller/secureKeys/client DEBUG 05/24 14:46:54.710 [ComponentMgmt_8] coRest Execute the call with the http client GET HTTP://TSCOserverHostName:8280/dh-services/controller/secureKeys/client DEBUG 05/24 14:46:54.869 [ComponentMgmt_8] coRest Performed GET HTTP://TSCOserverHostName:8280/dh-services/controller/secureKeys/client Status:403 DEBUG 05/24 14:46:54.869 [ComponentMgmt_8] coRest Received contentType: text/html;charset=utf-8 DEBUG 05/24 14:46:54.869 [ComponentMgmt_8] coRest Return response of the call GET HTTP://TSCOserverHostName:8280/dh-services/controller/secureKeys/client WARN 05/24 14:46:54.869 [ComponentMgmt_8] coRest General exception while processing request: [Error retrieving client certificate from Capacity Optimization: 403] DEBUG 05/24 14:46:54.872 [ComponentMgmt_8] coRest componentInfoNotification DEBUG 05/24 14:47:26.479 [ComponentPing_1] coRest heartbeatNotification STARTED DEBUG 05/24 14:47:26.479 [ComponentPing_1] coRest Co Component is not well configured REGISTRATION_ERROR
- Note that TSCO is configured in http and TSPS /RSSO in https, but this might happen as well in different environments.
It could be possible that the TSPS tssh.log shows the following message:
ERROR 05/24 13:21:04.703 [main] c.b.t.a.i.DatabaseConfigurationUtil BMC_TS-IN000004F Import failed - Cannot read the schema file at [C:\Program Files\BMC Software\TrueSightPServer\truesightpserver\componenttypes\co-plugin\conf\dbschema_update.sql] ERROR 05/24 13:21:04.703 [main] c.b.t.a.i.DatabaseConfigurationUtil BMC_TS-IN000004F Import failed - Cannot read the schema file at [C:\Program Files\BMC Software\TrueSightPServer\truesightpserver\componenttypes\co-plugin\conf\dbdata_update.sql]
403 Forbidden/401 Unauthorized and suspected that the admin user is not assigned to the correct roles or that those roles do not have that activity.
In the coRest.log we have seen the 403 Forbidden/401 Unauthorized and suspected that the admin user is not assigned to the correct roles or that those roles do not have that activity.
Run the following SQL queries against the TSCO database to check the configuration of the TSCO roles and permissions:
1) Verify the activity is defined:
select activityid, name from activity where name like 'API_INTERNAL' expected result: “907, API_INTERNAL”
2) Verify that activity is assigned to “All activities” roles:
SELECT activityid, roleid from role_activity where activityid = 907 expected result: “907, 0” SELECT * from role_activity where activityid = 907 expected result: “907, 0” If the result is empty, run the following sql to correct the issue: Insert into ROLE_ACTIVITY (ACTIVITYID,ROLEID) values (907,0); commit;
3) Verify the “admin” user is assigned to “All activities”
select accountid, name from account t0 where name='admin' and exists(select null from account_role t1 where t0.accountid=t1.accountid and roleid=0) expected result: “0, admin”
If the result is empty, run the following sql to correct the issue:
insert into account_role (accountid, roleid) values(0,0); commit;
IMPORTANT NOTE: This change may be reverted if the 'admin' user isn't associated with a RSSO group defined in the "External names" field for the TSCO Administration -> Users -> Roles -> ADMIN role. The issue is that when the 'admin' user logs in, if it isn't associated with an RSSO group defined in the 'External names' field for the ADMIN role in TSCO then the ADMIN role will be removed from that user and he won't have ADMIN rights anymore. To address the problem it is necessary to make sure that the 'admin' user account defined through RSSO is associated with a group that is in the External names list in the Role definition in TSCO. One can validate whether the 'admin' user has the ADMIN role in TSCO under Administration -> Users -> Accounts. One can validate that the ADMIN role has the 'Capacity_Administrators' 'External Name' defined under Administration -> Users -> Access groups.
4) After this please remove the TSCO component from TSPS and re-add it.