1 2 Previous Next 20 Replies Latest reply on Jul 6, 2018 4:59 AM by Hitesh Jha

    How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3

    Rajat Jain
      Share This:

      Hi,
      I am trying to upload vault.db and vault.key file from ADDM 1.0.0.2 to ADDM 11.0.0.3 in my environment. But after replacing the vault files, ADDM services are not starting , getting error while starting vault service. The error is as follows:

      Starting Security service:                             [  OK  ]
          Starting Model service:                                [  OK  ]
          Starting Vault service:                                [FAILED]
      Tue Jul  4 03:30:53 2017 : tw_svc_vault started.
      Traceback (most recent call last):
        File "./main.py", line 62, in <module>
        File "./main.py", line 50, in main
        File "./servants.py", line 1964, in init
        File "./servants.py", line 54, in decorated
        File "./servants.py", line 217, in open
      omniORB.CORBA.NO_PERMISSION: CORBA.NO_PERMISSION(0x54570010, CORBA.COMPLETED_NO)
      Tue Jul  4 03:30:53 2017 : Watchdog : Service failed in 0.3 seconds (signal 0; exit 1). Exiting.
      ERROR: Failed to start services

      Please suggest. When I upload vault files from another 11.0.0.3 server, it works.

      Regards,
      Rajat Jain

        • 1. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
          Andrew Waters

          I presume that you had a passphrase protected vault and put it on a machine without a passphrase?

          • 2. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
            Rajat Jain

            We do have password configured for our scanning IDs in ADDM. Request you to please tell me a way to solve this issue.

            • 3. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
              Adam Kerrison

              The easiest way is to move the vault db and key out of the way and restart the vault service: this will create a new, empty vault without a passphrase. Now set the passphrase in the usual way. Once that's done, stop the vault service, copy your files back into place (overwriting the empty vault) and start the vault service again.

               

              Please note: NEVER copy or move the vault files while the vault service is running. This can result in db corruption which will not be recoverable.

              2 of 2 people found this helpful
              • 4. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
                Rajat Jain

                I do not understand the process stated above. I understand as:

                 

                1) Stop vault service

                2) Remove the vault.db and vault.key file from /usr/tideway/etc

                3) Start vault service

                ** this will create a new and empty vault.db and vault.key file in /usr/tideway/etc

                4) Set the paraphrase in the usual way  --  NOT sure how to do this when vault file is empty

                5) Copy the vault files from the other system, from where I need to copy them (ADDM 11.0.0.2).

                 

                Please suggest.

                • 5. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
                  Andrew Waters

                  It doesn't make any difference if the vault is empty.

                   

                  My suggestion would be to search for passphrase in the docs. Setting a passphrase is covered from the UI here or the command line here.

                  1 of 1 people found this helpful
                  • 6. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
                    Adam Kerrison

                    Step 2 - don't remove the vault files, move/copy them out of the way (to /tmp for example). I am assuming these files contain the credentials you want to use?

                    Step 5 - move/copy the files from step 2 back into place (/usr/tideway/etc)

                    1 of 1 people found this helpful
                    • 7. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
                      Rajat Jain

                      Tried the above but vault service is not starting on restarting services after step 5

                      • 8. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
                        Andrew Waters

                        If you want help you need to provide more than not starting. If it is not starting in the same way as previously you did not successfully set a passphrase on the empty vault.

                        • 9. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
                          Rajat Jain

                          I am not able to fully understand the process which is narrated above. But I contacted my stakeholders and one of them luckily have password list. Thus, I have resolved my issue from straight away method - adding credentials

                           

                          Thanks all of you for your suggestions.

                          • 10. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
                            Hitesh Jha

                            Hello Andrew,

                             

                            In my case I am getting an error as below.

                            [tideway@halshipaddm01 etc]$ sudo /sbin/service tideway start

                            Starting local BMC Discovery application services

                                Starting Security service:                             [  OK  ]

                                Starting Model service:                                [  OK  ]

                                Starting Vault service:                                [FAILED]

                            Wed Jul  4 06:43:01 2018 : tw_svc_vault started.

                            Traceback (most recent call last):

                              File "./main.py", line 62, in <module>

                              File "./main.py", line 50, in main

                              File "./servants.py", line 2108, in init

                              File "./servants.py", line 65, in decorated

                              File "./servants.py", line 250, in open

                            VaultCORBA.OperationFailed: VaultCORBA.OperationFailed(reason='Unable to open the vault')

                            Wed Jul  4 06:43:01 2018 : Watchdog : Service failed in 0.2 seconds (signal 0; exit 1). Exiting.

                            ERROR: Failed to start services

                            • 11. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
                              Andrew Waters

                              Given the line numbers are completely different I presume that this is 11.2 or 11.3.

                               

                              Did you have a passphrase on the appliance from which you copied the vault?

                              • 12. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
                                Hitesh Jha

                                Hello Andrew,

                                 

                                ADDM appliance ver - 11.3.0.1

                                 

                                I guess passphrase is not set as per the below screenshot.I have one more query Do we need to copied the vault.key file as well.

                                 

                                I can see private keys for source and destination both are different.

                                 

                                • 13. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
                                  Andrew Waters

                                  Is this where you copoed the vault from? The machine with the picture does not have a passphrase.

                                   

                                  I have no idea what "I can see private keys for source and destination both are different." means. Which private keys?

                                  • 14. Re: How to use vault file of ADDM 11.0.0.2 in ADDM 11.0.0.3
                                    Hitesh Jha

                                    Hello Andrew,

                                     

                                    Yes.Also I have cross validate from the CLI and found that passphrase is not set for both the appliances.

                                     

                                    Source:

                                    [tideway@ABC ~]$ tw_vault_control --status

                                    Password for BMC Discovery UI user system:

                                    State      : OPEN

                                    Passphrase : Unset

                                     

                                     

                                    Credential Counts

                                                                   Amazon Web Services : 0

                                                                           Atrium CMDB : 2

                                                                     Cisco IMC Web API : 0

                                                                    EMC VPLEX REST API : 0

                                                                           File Export : 0

                                                                        HP iLO Web API : 0

                                                                           JDBC Export : 1

                                                                   Mainview z/OS Agent : 0

                                                                       Microsoft Azure : 0

                                              Nimble Web API with token authentication : 0

                                                                             OpenStack : 0

                                            RESTful Web API with OAuth2 authentication : 0

                                             RESTful Web API with basic authentication : 0

                                            RESTful Web API with digest authentication : 0

                                                                                  SNMP : 24

                                                                                   SQL : 0

                                                                                  WBEM : 12

                                                                               Windows : 88

                                                                                rlogin : 0

                                                                                   ssh : 12

                                                                                telnet : 0

                                                                               vCenter : 87

                                                                               vSphere : 48

                                            --------------------------------------------------

                                                                                 Total : 143

                                     

                                    Destination:

                                     

                                    [tideway@XYZ etc]$ tw_vault_control --status

                                    Password for BMC Discovery UI user system:

                                    State      : OPEN

                                    Passphrase : Unset

                                     

                                     

                                    Credential Counts

                                                                   Amazon Web Services : 0

                                                                           Atrium CMDB : 0

                                                                     Cisco IMC Web API : 0

                                                                    EMC VPLEX REST API : 0

                                                                           File Export : 0

                                                                        HP iLO Web API : 0

                                                                           JDBC Export : 0

                                                                   Mainview z/OS Agent : 0

                                                                       Microsoft Azure : 0

                                              Nimble Web API with token authentication : 0

                                                                             OpenStack : 0

                                            RESTful Web API with OAuth2 authentication : 0

                                             RESTful Web API with basic authentication : 0

                                            RESTful Web API with digest authentication : 0

                                                                                  SNMP : 0

                                                                                   SQL : 0

                                                                                  WBEM : 0

                                                                               Windows : 0

                                                                                rlogin : 0

                                                                                   ssh : 0

                                                                                telnet : 0

                                                                               vCenter : 0

                                                                               vSphere : 0

                                            --------------------------------------------------

                                                                                 Total : 0

                                     

                                    I am talking about the vault.key it is different for both the appliances.

                                     

                                    Immediate response will be highly appreciated !!!

                                    1 2 Previous Next