Symantec Privileged Access Management

 View Only
  • 1.  How do I ensure a clean backout of PIM?

    Posted Jan 15, 2016 01:42 PM

    I had been performing dry runs of the PIM 12.9 SP1 installation and backing out  the deployment. At this point we had run into a situation where the uninstall on Red Hat was not clean. Has anyone found a way to confirm that the uninstaller has cleaned itself up?

    In one case we could not re-install the ENTM on the server that we just uninstalled due to residual files but we could not find what they were.



  • 2.  Re: How do I ensure a clean backout of PIM?
    Best Answer

    Posted Jan 19, 2016 10:40 AM



    I have seen re-installs fail due to the seos.ini file from the previous install still around. I would recommend checking the system for seos.ini file before reinstall. Specifically the /etc/seos.ini link we create during the install.


    Beyond that I would make sure the /opt/CA/AccessControlServer folder is removed completely and a new JBoss folder is deployed between each install attempts. The database needs to be dropped and recreated. Any data from a previous install will cause the new install to fail as we will not be able to decrypt it.


    I would also check RPM (rpm -qa) for the CAeAC install package we use to install the endpoint during Enterprise Manager install. This needs to be removed by rpm -e or/and rpm -e --justdb.




    Aaron Armagost

  • 3.  Re: How do I ensure a clean backout of PIM?

    Broadcom Employee
    Posted Jan 21, 2016 07:15 PM

    Also, make sure there is no seos.ini in the root folder, i.e. /seos.ini.


    I know in older versions in certain circumstances a /seos.ini could end up being created and picked up by a reinstall. Not sure if this can still occur in 12.9SP1, but noting it here for future reference anyway.

  • 4.  Re: How do I ensure a clean backout of PIM?

    Posted Jan 22, 2016 01:18 PM

    Thanks, I am trying that out. only other thing I noticed is that the failed uninstall left some process running in memory. I was able to kill them, but if possible, I think being real root (not via sudo or su) would be a good idea.