Service Desk Practitioners Forum
cancel
Showing results for 
Search instead for 
Did you mean: 

multiple management servers SD 5

Highlighted
dschul
Regular Collector

multiple management servers SD 5

Hi

Was anybody able to get 2 Management Servers working together with SD 5? As soon as we enable the second management server we get the following error message:

"Login failed. signed subject authentication failure"

In the log file I have this entry:

Apr 11, 2006 3:25:12 PM;48;13;com.hp.ov.sec.login.common.SignedSubject;isValid;com.hp.ov.sec.login.common.SignedSubject;SEVERE;Error verifying the subject due to exception: class com.hp.ov.sec.core.MessageSignatureException: Failed to create MessageVerifier..

As soon as I stop all services on the second management server it works again.

Thanks for your help

Daniel
7 REPLIES
JaS_4
Honored Contributor

Re: multiple management servers SD 5

Hi Daniel,

I had similar problems. You may want to disable certain components on one of the management console. In the guide, it mentioned for some components like reporting, slm, & etc, you only need it on on management console for the whole environment.
Work out what components you want loaded on which management consoles and avoid conflicts between them.
dschul
Regular Collector

Re: multiple management servers SD 5

Hi Jason

Thanks for the reply. I tried exactly what you said but with no success... Damn. This thing drives me mad. Even HP cannot help us...
JaS_4
Honored Contributor

Re: multiple management servers SD 5

Hi Daniel,

I was setting another server for load balancing and noticed something in the installation process.

When setting the 2nd server, choose the Secondary server option which will not create a new database and use existing database. It will also not install the OV certificate server module (ovcs).

Also, if you have old crappy hardware like mine, during the starup some module may timeout and not installed. This can be fix by starting those module manually.
In a dos box, type ovc and see which module is aboprted or stopped and type eg. ovc -start ovloginsv to start it up. Note: some module are dependent on others modules to be up first.

I hope that helped.
dschul
Regular Collector

Re: multiple management servers SD 5

Hi Jason

I have attached a screenshot of the services that are running on both servers, does it look the same on yours?

Cheers

Daniel
JaS_4
Honored Contributor

Re: multiple management servers SD 5

Hi Daniel,

This is what I have.
ovcd
ovobsag
ovbbccb
ovapacheA
ovobs
ovloginsv
ovcs
ovsdslm
ovsdreport
ovtomcatA
ovsdma

On 2nd box,
ovcd
ovbbccb
ovapacheA
ovobs
ovloginsv
ovsdslm
ovsdreport
ovtomcatA
ovsdma

You are right, I do get the "Login failed. signed subject authentication failure". I had assume some of the process on the 2nd box is timing out and some dependencies cannot not occur. So I normally, just start the dependencies process first and both boexes will work then. Eg like get the tomcat and apache running before ovobs and etc etc.
dschul
Regular Collector

Re: multiple management servers SD 5

Hi Jason

We found the solution for our problem. Well, actually HP did.

We did the following:
1. On the primary server (the one running the certificate server): run the following command:

ovcert -exporttrusted -file c:\trusted.cert -ovrg server

(c:\trusted.cert is just a file name, you can choose any)

2. Transfer the file that is created (trusted.cert) to the secondary server (I assume it is put in c:\ again)

3. On the secondary server: stop all processes (ovc -stop)

4. On the secondary server: run the following command:

ovcert -importtrusted -file c:\trusted.cert

5. On the secondary server: start the object server processes again (ovc -start)

If you now run the command ovcert -list on the secondary server it should show the trusted certificate that has been imported. Please test the ovconsole loadbalancing after this change has been applied and let me know the results.

Maybe it helps you as well.

Daniel
JaS_4
Honored Contributor

Re: multiple management servers SD 5

Hi Daniel,

Still not working for me. I think mine is a different problem.

I have the cert imported on my 2nd machine but when it boots up, apache & tomcat is aborted and I need to manually start all the process up as usual.
Only ovcd and ovbbccb is running.

If I am having cert problem, I shouldn't be able to start up all but I can always manually starts it up.

Thanks for the tip anyway.
//Add this to "OnDomLoad" event