IBM Support

CGSS Server Name "servername" is not known to the Security Server

Troubleshooting


Problem

The Guardium Data Encryption Expert (“GDEE”, “GDE”, Guardium “DEE”) product is highly sensitive to network configuration and relies on consistently configured hostnames and DNS. The product fails to operate when the system-configured hostname does not match the hostname returned by reverse name resolution.

Symptom

  • CGSS Server Name "servername" is not known to the Security Server on Hosts page
  • Server Name on dashboard shows "servername"; Servers in High Availability list show different hostnames such as a short name and a fully-qualified domain name.
  • `hostname` command returns the system-configured hostname; may be a FQDN or an alias (short-name).
  • Proprietary `check_host` command returns the resolver hostname; may be an alias (short-name) or a FQDN.
  • Policy changes do not propagate from server to agents.
  • "Pushing status" column is blank.

Cause

Product relies on correct and consistent network names. Hostname returned by 'hostname' command does not match hostname reported by proprietary "check_host" program.

Diagnosing The Problem

    1. Determine the configured hostname by running the operating system command “hostname”:
    $ hostname
    gde-dsm
    2. Determine the resolved hostname by running the check_host command:
    $ /opt/vormetric/coreguard/server/bin/internal/check_host
    gde-dsm.ibm.com
    3. Compare the configured hostname against the resolved hostname. If they do not match, follow the steps below.

Resolving The Problem

Change the configured hostname to be consistent with the resolved hostname.

  • To determine the resolved hostname:
    • $ /opt/vormetric/coreguard/server/bin/internal/check_host

    gde-dsm.ibm.com

  • To change the resolved hostname when using a “hosts” file, edit the file /etc/hosts to follow the format specified by RFC XXX:
    • IP_address canonical_name alias alias ...
  • To change the configured hostname:

    • 1. Edit the file /etc/sysconfig/networking

    2. Reboot the server for changes to take effect

[{"Product":{"code":"SSSPPK","label":"IBM Guardium Data Encryption"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Not Applicable","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg21694331

Page Feedback