Smart questions
Smart answers
Smart people
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Member Login
Remember Me
Forgot Password?
Join Us!

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips now!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
Join Tek-Tips
*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

LINK TO THIS FORUM!

Add Stickiness To Your Site By Linking To This Professionally Managed Technical Forum.
Just copy and paste the
code below into your site.

Tek-Tips LinkedIn® Group

Partner With Us!

"Best Of Breed" Forums Add Stickiness To Your Site
Partner Button
(Download This Button Today!)

Feedback

"...This has been the MOST helpful forum that I have been a part of and I want to say thank you. The tips, tricks and helpful advice that you all contribute to have been lifesavers in many instances..."
More...

Geography

Where in the world do Tek-Tips members come from?
Click Here To Find Out!

Tek-Tips Shirts!

Get Tek-Tips Swag
Get your
Tek-Tips Forums
SWAG here!
Home > Forums > Server Rack > Back-up Systems > CA: ARCserve back-up > FAQs

CA: ARCserve back-up FAQ

ARCserve Domains

How to troubleshoot authentication problems.
faq478-5262
Posted: 30 Jun 04

Most common problem related to authentication is BrightStor User is not able to log on to BrightStor EB/AB. Some of the reasons and solutions are given below. In other cases, to pin out the problem, the user is advised to do as given below under the heading “Debugging Authentication” and send the related logs and information (if applicable) back to support for further investigation.


1)    I installed BrightStor just now and I couldn’t login to BrightStor GUI Manager.

Reason: It could be possible that the services that are responsible for authenticating the user are not running. Go to the service panel from control panel and check if BrightStor services are running specifically “BrightStor EB Domain Server”, “BrightStor EB Service Controller”, “CA Remote Procedure Call Server”. You can also check by going into the “Task Manager” for application “caauthd”. If you don’t find the instance of this application in Task Manager then you should stop and start the “BrightStor EB Domain Server” service from services panel and then try again to login into the BrightStor GUI Manager.
If the problem still exists, then open the command window and change the directory to $BXB_HOME (EB home directory) And run following commands…

>Ca_auth –user getall

The output on the screen should be close to as given below…

>User names:
>       caroot

If you don’t see at least one user “caroot” or there is some other error while running the command then you should go to “Debugging Authentication” section of this document and send the appropriate logs to BrightStor support for investigation.

2)    I changed my password to caroot. When I give the new password while logging in to BrightStor it gives me invalid password.

Reason 1: Your password didn’t change at the time of setup itself. This is because one of our processes failed to change the same. There have been various reasons for it. One of them could be that your machine name has extended characters or you have a machine name in language other than English. If this is the case then you should go to Debugging Authentication section from here.

Reason 2: You may have Microsoft’s Service for UNIX (3.0) installed. If that were the case then you would have to indicate the support to provide you with the fix/workaround for it. You would be given a batch file that you should put in your startup folder so that it would run every time when your computer starts. Also you have to make your “CA Remote Procedure Call Server” as manual so that it doesn’t start automatically as a service anymore. This problem occurs primarily because SFU has a port-mapper of its own and which conflicts with the BrightStor’s own port-mapper.

3)    I just installed the BrightStor and made it part of a Domain but I can’t login in into BrightStor for once.
Reason: This could be possible because your discovery.cfg file under $BXB_HOME\config doesn’t match with the one on the primary server. You have to be very particular about the case sensitivity of the names you supply. Actually you can copy should have the same discovery.cfg file on every member server.

4)    I can’t execute BrightStor commands on console. It says I don’t have access do the same although I am the Administrator of the machine.
Reason: You don’t have equivalence to the Primary User of the BrightStor i.e. caroot. You can easily find this out by running the following commands.

> Ca_auth –equiv getequiv Administrator (username on machine1)  machine1 (server name)
Ex. Output if you already have equivalence
C:\EB>ca_auth -equiv add nelth02 nelth02-tom caroot caroot ""
Equivalency is already there

If the output returns that you have no equivalence then you should run following commands to create equivalence….
>Ca_auth –equiv whoami
>Administrator@machine1@141.202.123.121
>
>Ca_auth –equiv add Administrator machine1 caroot caroot “xyz (password for caroot)”

If this command runs fine without any error condition then you have created equivalence successfully and now you can run command’s like ca_backup.exe, ca_restore.exe etc without any problems. One thing you should be aware off is that you have to again case-aware and use exactly the same case for <user name> and <machine name> as returned by the -whoami command.

To find out who has eqivalence to caroot
C:\EB>ca_auth -equiv getequiv
Equivalent BrightStorEB user for nelth02@nelth02-tom : caroot

Note:
If you are trying to give equivalence to a user account that is logged, then you should logout and log back in as this user.

Ca_auth  usage
C:\EB>ca_auth  

Usage :
        ca_auth [-cahost host] -user     add username passwd
        ca_auth [-cahost host] -user     delete username
        ca_auth [-cahost host] -user     chgpasswd username passwd
        ca_auth [-cahost host] -user     validate username passwd
        ca_auth [-cahost host] -user     group username
        ca_auth [-cahost host] -user     getall

Adding users
C:\EB>ca_auth -user add nelth02 (user) tom(password for the new user)

To find out the list of users after adding a new user
C:\EB>ca_auth -user getall

User names:

        caroot
        nelth02

Who has same rights as caroot?
C:\EB>ca_auth -equiv getequiv
Equivalent BrightStorEB user for nelth02@nelth02-tom : caroot

To delete a user
C:\EB>ca_auth -equiv delete nelth02 nelth02-tom

Msg when you don’t have equivalance to caroot
C:\EB>ca_auth -equiv getequiv
Get equiv for nelth02@nelth02-tom failed ... reason : No equivalence exists for
this user/host pair
Debugging Authentication:

Run the following commands…

•    ipconfig /all > ipconfig.log
•    netstat -na >netstat.log (This would let us know if the portmapper is running on his machine or not.)
•    rpcinfo.exe -p localhost >rpcinfo.log (This would let us know which BEB services have registered with the rpc server running on client machine)

Contacting portmapper for IP address=141.202.145.172

   program vers proto   port    servicename
    100000    3   udp    111    sunrpc
    100000    2   udp    111    sunrpc
    100000    3   tcp    111    sunrpc
    100000    2   tcp    111    sunrpc
    395650    1   tcp   1040    caloggerd
    395644    1   tcp   1050    caservd
    395649    1   tcp   1070    cadiscovd
    395645    1   tcp   1087    caqd/LQServer
    395647    1   tcp   1088    cadbd/LDbserver
    395648    1   tcp   1106    caauthd  …If you don’t see this you have a problem
    395646    1   tcp   4869    camediad/MediaSvr

•    rpcinfo.exe -t localhost 395648 1" > caauthd.txt

program 395648 version 1 ready and waiting …If you don’t see this then caauthd   is not working properly

Note : '>' to a file will not show the results on the screen.

Setup the following registry keys…
•    HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\Cheetah\Base\LogBrightStorEB\[DWORD]DebugLogs ==1. This would create rpc.log file under $BXB_HOME\logs
You should send these files to support.
 
 Other CA_AUTH examples:
ca_auth -equiv whoami (Show how does BrightStor sees the current logged in user. Note –cahost option is not valid for ‘whoami’)

For local EB domain,
ca_auth -equiv getequiv  (Show the status  of equivlance of the current user to caroot)
ca_auth  -equiv add Administrator machine1 caroot <caroot> <password> (To create equivalence)
 
If we are setting up equivalences for remote EB domain, then run the local EB domain command along with –cahost switch.
-ca_auth -cahost remoteEBMachinename -equiv getequiv
-ca_auth  -cahost remoteEBMachinename  -equiv add Administrator machine1 caroot <caroot> <password>

Back to CA: ARCserve back-up FAQ Index
Back to CA: ARCserve back-up Forum

My Archive
Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close