AAA, NAC, Guest Access & BYOD

 View Only
last person joined: one year ago 

Solutions for legacy and existing products and solutions, including Clearpass, CPPM, OnBoard, OnGuard, Guest, QuickConnect, AirGroup, and Introspect
Back to Library

Can I delete the "default" policy manager zone in CPPM? 

Jan 03, 2018 06:50 AM

Q:

Can I delete the "default" policy manager zone in CPPM? Will that create any issue?



A:

No, it's not recommended to delete "default" policy manager zone. In CPPM 6.6 a validation is enabled which prevails the user from  deleting the default policy manager zone and  will display the following error.

 

If the default zone is deleted it will create problem in a cluster setup. Administrator will not be able to add Subscriber to the cluster and it will fail with below errors:

2016-09-02 18:13:21,570 INFO   Tips.Db DbSetupSubscriber ******************************************
2016-09-02 18:13:21,571 INFO   Tips.Db DbSetupSubscriber ******* Starting DbSetupSubscriber *******
2016-09-02 18:13:21,571 INFO   Tips.Db DbSetupSubscriber ******************************************
...
2016-09-02 18:18:04,896 ERROR  Tips.Db DbSetupSubscriber Adding entry to publisher failed. StatusMsgList = ['ERROR - Adding subscriber node entry failed. Host=svr-orw-nac-02.wv.mentorg.com Management IP=xxx.xxx.xx.xx']
2016-09-02 18:18:04,897 ERROR  OUT  DbSetupSubscriber Adding entry to publisher failed
2016-09-02 18:18:04,897 ERROR  Tips.Db DbSetupSubscriber Adding node entry to publisher failed
Traceback (most recent call last):
  File "/usr/local/avenda/tips/lib64/python2.4/DbSetupSubscriber.py", line 67, in do_setup_subscriber
    conn_info_list = _add_node_entry_inpublisher(publisher_ip, publisher_password)
  File "/usr/local/avenda/tips/lib64/python2.4/DbSetupSubscriber.py", line 117, in _add_node_entry_inpublisher
    conn_info_list = _do_publisher_check_and_add_entry(publisher_ip, publisher_password)
  File "/usr/local/avenda/tips/lib64/python2.4/DbSetupSubscriber.py", line 244, in _do_publisher_check_and_add_entry
    raise TipsException(msg)
TipsException: Adding entry to publisher failed
2016-09-02 18:18:04,898 ERROR  OUT  DbSetupSubscriber Check that publisher is accessible and the password is correct
2016-09-02 18:18:04,898 ERROR  OUT  DbSetupSubscriber Verify that publisher runs the same software version as this node
2016-09-02 18:18:04,899 ERROR  OUT  DbSetupSubscriber Verify that publisher does not contain a duplicate entry for this node
2016-09-02 18:18:04,953 ERROR  Tips.Db DbSetupSubscriber Exception setting up local machine as subscriber. Publisher IP=xxx.xxx.xx.xx
Traceback (most recent call last):
  File "/usr/local/avenda/tips/bin/DbSetupSubscriber", line 79, in <module>
    restoreLocalNodeConfig, createBackup)
  File "/usr/local/avenda/tips/lib64/python2.4/DbSetupSubscriber.py", line 67, in do_setup_subscriber
    conn_info_list = _add_node_entry_inpublisher(publisher_ip, publisher_password)
  File "/usr/local/avenda/tips/lib64/python2.4/DbSetupSubscriber.py", line 117, in _add_node_entry_inpublisher
    conn_info_list = _do_publisher_check_and_add_entry(publisher_ip, publisher_password)
  File "/usr/local/avenda/tips/lib64/python2.4/DbSetupSubscriber.py", line 244, in _do_publisher_check_and_add_entry
    raise TipsException(msg)
TipsException: Adding entry to publisher failed
2016-09-02 18:18:04,953 ERROR  OUT  DbSetupSubscriber Setting up subscriber failed

 

NOTE:  Administrator would need to collect logs from ClearPass [ Policy Manager » Administration » Server Manager » Server Configuration » Collect Logs]. In the logs the above mentioned error can be verified in PolicyManagerLogs\platform-utils\platform.log.*

This happens because, deletion of  default zone will cause the insert operation for new node to fail in the publisher.  

In this scenario if we re-add the default zone and try to bring the cluster setup it should work.

 

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.