Symantec Privileged Access Management

 View Only
  • 1.  License Mismatch Turning ON Cluster

    Posted Mar 05, 2018 06:09 AM

    Hi to all... I've configured my cluster PAM, version 3.1.1 with 2 members:

     

     

    when I turn ON Cluster this message return:

     

    (Error: PAM-CMN-5084: Turning the cluster on failed: : PAM-CMN-5119: Member: 10.10.1XX.XX5,pamtestn1.XXXX.XX=> License Mismatch (). Please check your configuration and try again.PAM-CMN-5119: Member: 10.10.1XX.XX6,pamtestn2.XXXX.XX=> License Mismatch (). Please check your configuration and try again)

     

    Below the license information:

     

    if I remove the FQDN from the cluster configuration the cluster come UP and all work fine... but I need that the cluster balance on FQDN...

     

    in another PAM with the same configuration this work fine... is there any limit on FQDN composition?



  • 2.  Re: License Mismatch Turning ON Cluster

    Broadcom Employee
    Posted Mar 05, 2018 09:25 AM

    Hi Emanuele, This suggests that the master node was not able to retrieve the license from the second node. Is it possible that the FQDN you added cannot be resolved by the first node, or maybe doesn't resolve to the correct IP? You can use the Devices > Tools page to check on name resolution.



  • 3.  Re: License Mismatch Turning ON Cluster

    Posted Mar 05, 2018 09:33 AM

    DNS are configured and PAM resolve FQDN...

     

    after the error PAM become slow and randomly return this messagge tring to connect:

     

    when I do "save to cluster" all work fine.. then node1 is able to reach node2 for save the configuration



  • 4.  Re: License Mismatch Turning ON Cluster
    Best Answer

    Broadcom Employee
    Posted Mar 05, 2018 09:41 AM

    Can you double check your DNS entries, we had something similar with the slowness, turned out that 1 of the 2 DNS entries was not "running" (they had just decommissioned it that weekend). once we changed the 1 bad DNS entry to another entry, it worked correctly



  • 5.  Re: License Mismatch Turning ON Cluster

    Posted Mar 05, 2018 10:34 AM

    great!!! the problem was the first DNS in the list, it has not the forwarder for the PAM domain configured... then, the cluster use only the first DNS on list?



  • 6.  Re: License Mismatch Turning ON Cluster

    Broadcom Employee
    Posted Mar 05, 2018 10:43 AM

    It uses the first server in the list that it can communicate with.