ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: client auth failure: password issue..

2002-06-26 19:23:03
Subject: Re: client auth failure: password issue..
From: Steve Harris <Steve_Harris AT HEALTH.QLD.GOV DOT AU>
Date: Thu, 27 Jun 2002 09:17:41 +1000 
I'm getting something similar.

The environment is Veritas cluster in which nodes keep moving from one machine 
to another. Everything worked fine at client level 3.7, but at 4.2.1.0 and 
4.2.1.28 (server is 4.2.1.8) I keep getting these errors.  My nodes are 
password generate with a long password expiry period.

What I'm thinking is that the password for the *administrative user* for the 
node is expiring, but I haven't yet been able to sit down for long enough to 
figure out some tests to prove or disprove this.

Ideas are welcome.


Steve Harris
AIX and TSM Admin
Queensland Health, Brisbane Australia
 

>>> KauffmanT AT NIBCO DOT COM 27/06/2002 6:43:19 >>>
I just ran into something similar on TSM server 4.2.1.13 and haven't opened
a PMR on it yet -- my admin password expired, and I got the authentication
failure message. No word about 'password expired', and NO option to enter a
new one. Maybe your client password has expired? Try q node <nodename> and
see how many days it's been since the password has been changed.

Tom Kauffman
NIBCO, Inc

> -----Original Message-----
> From: horse [mailto:horse AT AUSTIN.IBM DOT COM] 
> Sent: Wednesday, June 26, 2002 2:52 PM
> To: ADSM-L AT VM.MARIST DOT EDU 
> Subject: client auth failure: password issue..
>
>
> Hi,
>  Sorry for the long post but I see posts with too little data and
> subsequent responses requiring more data AND the correct data to debug
> this issue may not even be in this post!!!
>
>  Pls keep in mind that I have 27 AIX client's running,
> successfully, and
> ALL client's have been configured identically except for the pertinent
> local stuff per client.
>
>  ALL SERVERS WORKED INITIALLY......
>
>  HISTORY:
>  A different client had the same issue yesterday and I finally got fed
> up with trying to figure the issue out and deleted the
> filespace(s) and
> client from the TSM server and re-registered it.
>  THIS IS NOT AN OPTION THAT I CARE TO REPEAT..... but it did
> work   :>(
>
>  The same failure occurs if ran via script or cmdline...
>
>  The incremental backups are via a ksh script as follows:
>  cat /sys_adm/bin/daily.backup.ibm:
> ********************* snip ********************
> #!/bin/ksh
> #set -xv
> # Test for the proper OS
> OS=`uname`
> if [ $OS != "AIX" ]; then
>         echo This script is written for AIX systems. You are on $OS.
>         exit 1
> fi
>
> # Set variables
> export REMOTEHOST=einfo
> export HOSTNAME=`/usr/bin/hostname -s`
> export HOSTCAPS=`echo $HOSTNAME | tr '[a-z]' '[A-Z]'`
> export LOGDIR=/sys_adm/logs/backup
> export LOGFILE=$LOGDIR/daily.backup.log
> export INCLEXCL_FILE=/usr/tivoli/tsm/client/ba/bin/.inclexcl
> export DATE=`date "+%y%m%d"`
>
> > $LOGDIR/daily.backup.log
>
> # Set the recipient for notification
> if [ -s /sys_adm/bin/recipient ]; then
>         RECIPIENT=`cat /sys_adm/bin/recipient`
> else
>         RECIPIENT=root
> fi
>
> # Test conditions
> if [ ! -x /usr/tivoli/tsm/client/ba/bin/dsmc ];then
>         echo "tsm - dsmc is not installed!"
>         exit 1
> elif [ ! -d $LOGDIR ]; then
>         echo "$LOGDIR does not exist!"
>         exit 1
> fi
>
> # Initialize logfile
> echo > $LOGFILE
> date >> $LOGFILE
> echo >> $LOGFILE
>
> # Run pre-backup script
> if [ -x /sys_adm/bin/daily.backup.preproc.ibm ]; then
>         /sys_adm/bin/daily.backup.preproc.ibm
> else
>         echo "Skipping pre-backup directives .." >> $LOGFILE 2>&1
> fi
>
> # Do the backup
> cd /
> /usr/tivoli/tsm/client/ba/bin/dsmc incre >> $LOGFILE 2>&1
>
> # Test the return code from dsmc and send an email notification
> if [ $? -ne 0 ]; then
>         echo "FAILED daily backup: Please see the file
> $HOSTCAPS:$LOGFILE
> for mor
> e information." | \
>  mail -s "FAILED daily backup on $HOSTCAPS" $RECIPIENT < $LOGFILE
>         else echo "SUCCESSFUL daily backup of $HOSTNAME." | \
>  mail -s "SUCCESSFUL daily backup on $HOSTCAPS" $RECIPIENT < $LOGFILE
> fi
>
> # Run post-backup script
> if [ -x "/sys_adm/bin/daily.backup.postproc" ]; then
>         /sys_adm/bin/daily.backup.postproc >> $LOGFILE 2>&1
> else
>         echo "Skipping post-backup directives .." >> $LOGFILE 2>&1
> fi
>
> exit 0
> ******************* snip ********************
>
>
>  Following is the returned error codes:
>
> tsm server side:
>  q actl:
> 06/26/02 00:15:00     ANR0406I Session 221 started for node EDEVPMS2
> (AIX)
>                        (Tcp/Ip
> 9.3.32.55(32944)).
> 06/26/02 00:15:00     ANR0424W Session 221 for node EDEVPMS2 (AIX)
> refused -
>                        invalid password
> submitted.
> 06/26/02 00:15:00     ANR0403I Session 221 ended for node
> EDEVPMS2 (AIX).
>
>
>
> tsm client side:
>   cat dsmerror.log:
> 06/21/02   20:30:49 sessOpen: Error 137 from signon authentication.
> 06/26/02   00:15:00 sessOpen: Error 137 from signon authentication.
> 06/26/02   00:15:00 sessOpen: Error 137 from signon authentication.
> 06/26/02   00:15:00 ANS1025E Session rejected: Authentication failure
>
> 06/26/02   10:15:14 sessOpen: Error 137 from signon authentication.
>
> tsm client side:
>  cat /sys_adm/logs/backup/daily.backup.log:
> Wed Jun 26 00:15:00 CDT 2002
>
> Skipping pre-backup directives ..
> Tivoli Storage Manager

> *** Fixtest, Please see README file for more information ***
> Command Line Backup Client Interface - Version 4, Release 2,
> Level 1.25
> (C) Copyright IBM Corporation, 1990, 2001, All Rights Reserved.
>
> Node Name: EDEVPMS2
> Please enter your user id <EDEVPMS2>:
> ANS1025E Session rejected: Authentication failure
>
> Skipping post-backup directives ..
>
>
>  The above is a starting place but maybe something will be
> pointed to...
>
> Lindsey Thomson
>


**********************************************************************
This e-mail, including any attachments sent with it, is confidential 
and for the sole use of the intended recipient(s). This confidentiality 
is not waived or lost if you receive it and you are not the intended 
recipient(s), or if it is transmitted/ received in error.  

Any unauthorised use, alteration, disclosure, distribution or review 
of this e-mail is prohibited.  It may be subject to a statutory duty of 
confidentiality if it relates to health service matters.

If you are not the intended recipient(s), or if you have received this 
e-mail in error, you are asked to immediately notify the sender by 
telephone or by return e-mail.  You should also delete this e-mail 
message and destroy any hard copies produced.
**********************************************************************
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  import archive problems on 4.1.2.15 solaris, Jolliff, Dale
Next by Date:  Re: Backing Up Oracle DB with TSM 4.2.1, Steve Harris
Previous by Thread:  Re: client auth failure: password issue.., Kauffman, Tom
Next by Thread:  IO errors on tape drives, Guillaume Gilbert
Indexes:  [Date] [Thread] [Top] [All Lists]