Symantec Privileged Access Management

Expand all | Collapse all

PAM 3.4 post upgrade DB issue

  • 1.  PAM 3.4 post upgrade DB issue

    Posted 06-15-2020 11:18 AM
      |   view attached
    ​Hello Experts

    Post upgrade to PAM 3.4 facing issue where I am not able to create any new policies , getting the attached error.

    Has anyone faced the same issue and any resolution to this.

    Please suggest.


  • 2.  RE: PAM 3.4 post upgrade DB issue

    Posted 06-15-2020 07:07 PM
    Did you upgrade via the supported version route?
    Is this happening in a browser only or if it is happening with PAM Client?

    ------------------------------
    Support Engineer 5
    Broadcom
    ------------------------------



  • 3.  RE: PAM 3.4 post upgrade DB issue

    Posted 06-15-2020 11:44 PM
    Hi Kanika,

    Did you copy your old DB from 3.2.x release into 3.4 after upgrade?

    To check if this is really problem with your setup, you can do the following ...
    - Take a DB and configuration backup
    - Download these to your local desktop
    - Reset the CA PAM Database
    - This will reset the super password to the default password super
    - Login as super...perform the change password....
    - Add a device
    - Define the application type (let's say Generic)
    - Add a user
    - Now try to create a policy and check, if this fails as well, open a support ticket and attach the logs.bin file, this file would help us know the exact upgrade path that was followed and also some more details.

    Thanks,
    Reatesh.

    ------------------------------
    Principal Support Engineer
    Broadcom
    ------------------------------



  • 4.  RE: PAM 3.4 post upgrade DB issue

    Posted 06-18-2020 03:35 AM
    Hello experts

    No we did not copy the Old DB into the 3.4 and we followed the supported upgrade path.

    Do I need to Turn off the cluster before I perform the DB reset.


  • 5.  RE: PAM 3.4 post upgrade DB issue

    Posted 06-18-2020 07:51 PM
    Hi Kanika,

    Can you check one thing before resetting the DB, do you see System certificate in Configuration -> Security or is it empty?

    Regarding your question, yes we need to turn off the cluster before resetting the DB. Also since you mentioned that there is a cluster, are both appliances having the same issue or just one?

    Best regards,

    ------------------------------
    Nikola Milosavljevic
    Security Consultant
    ------------------------------



  • 6.  RE: PAM 3.4 post upgrade DB issue

    Posted 06-22-2020 10:36 AM
    Hi Nikola

    ​Checked the system certificates were available, DB reset done , as of now don't see the issue.