Troubleshooting
Problem
The Guardium Data Encryption Expert (“GDEE”, “GDE”, Guardium “DEE”) product is highly sensitive to network configuration and relies on consistently configured hostnames and DNS. The product fails to operate when the system-configured hostname does not match the hostname returned by reverse name resolution.
Symptom
- CGSS Server Name "servername" is not known to the Security Server on Hosts page
- Server Name on dashboard shows "servername"; Servers in High Availability list show different hostnames such as a short name and a fully-qualified domain name.
- `hostname` command returns the system-configured hostname; may be a FQDN or an alias (short-name).
- Proprietary `check_host` command returns the resolver hostname; may be an alias (short-name) or a FQDN.
- Policy changes do not propagate from server to agents.
- "Pushing status" column is blank.
Cause
Product relies on correct and consistent network names. Hostname returned by 'hostname' command does not match hostname reported by proprietary "check_host" program.
Diagnosing The Problem
- 1. Determine the configured hostname by running the operating system command “hostname”:
$ hostname gde-dsm |
$ /opt/vormetric/coreguard/server/bin/internal/check_host gde-dsm.ibm.com |
Resolving The Problem
Change the configured hostname to be consistent with the resolved hostname.
- To determine the resolved hostname:
- To change the resolved hostname when using a “hosts” file, edit the file /etc/hosts to follow the format specified by RFC XXX:
- To change the configured hostname:
$ /opt/vormetric/coreguard/server/bin/internal/check_host
gde-dsm.ibm.com |
IP_address canonical_name alias alias ... |
1. Edit the file /etc/sysconfig/networking
2. Reboot the server for changes to take effect
Was this topic helpful?
Document Information
Modified date:
16 June 2018
UID
swg21694331