Server to Server Configuration

Andrew21210 · Jan 19, 2015

We have built a new TSM 6.3.5 server to replace out aging 5.5.6 server. I would like to set up server to server communications so I can move my client option sets, scripts, admins, etc over to the new server. I've set up the 5.5.6 server as a configuration manager and the 6.3.5 server as a managed server but I am getting an error.

ANR3089E DEFINE SUBSCRIPTION: Command failed - Server-to-server communication error with server SERVER1
ANS8001I Return code 14.

I've checked and double checked my server defines and they are correct as far as I can see. Any idea why this is not working. I tried this between two 6.3.4 test servers and it worked fine.

Harry_Redl · Jan 19, 2015

Hi,
any error in the 5.5.6 server activity log?

Harry

Andrew21210 · Jan 20, 2015

Harry_Redl said:
Hi,
any error in the 5.5.6 server activity log?

Harry

Nothing communication related. Is it possible to have a lower level server as the config manager?

Harry_Redl · Jan 20, 2015

Yes, it is possible - although there may be a limitation if the difference is too big (I guess). I would expect connection attempt to be seen in the Config Manager's activity log. Can you trace the network to see there is a communication between the two servers in the moment of the attempt?
Harry

Andrew21210 · Jan 23, 2015

I've been experimenting with this for a couple of days now and the conclusion that I've come to is that I have an authentication issue. If I understand it correctly, when you subscribe to a profile, the managed server from which you run the command sends the server password and an encrypted validation key. In my case, the managed server from which I am sending the subscribe profile command is encrypting the information using AES(128). The config manager server is set to DES(56) and therefore cannot properly decrypt the request and authentication fails.

When I run a q status on my managed server, there is a parm called "Encryption Strength: AES" near the bottom. This is the default for 6.3.5 server. I believe it can be changed to DES by entering encryptiontype=DES. Do you know what file I need to add the parm to? Is it the dsmserv.opt file?

Harry_Redl · Jan 23, 2015

Hi,

"encryptiontype" is an option of the client - so I do not think it applies here. Do you have same administrator (with the same password) on the source server as on the destination one (the one you use to run the "define subscription")? I still believe that in case of authentication problem you should see an error message in the source server log ....
Can you "ping server XYZ"?
Have you considered using "export admin" command?

Harry

Server to Server Configuration

Andrew21210

Harry_Redl

Moderator

Andrew21210

Harry_Redl

Moderator

Andrew21210

Harry_Redl

Moderator

Data Privacy Impact Assessment

Sponsor ADSM.ORG

Navigation Menu

NordVPN 3 Months FREE

Forum statistics