Symantec IGA

  • Private Community
 View Only

  • 1.  Identity Suite - clock offset is xx seconds - CA Directory replication might fail

    Posted Oct 01, 2019 03:23 AM
    Hi Team,
    Identity Suite 14.3 vapp. 

    Currently on my Virtual appliance web-console, there is a warning message on the UserStore & Provisioning Server object
    [warn] clock offset of <IP> is XX seconds - CA Directory replication might fail 

    Can anyone advice, what should i do to sync the time to correct value ?

    regards,
    William


  • 2.  RE: Identity Suite - clock offset is xx seconds - CA Directory replication might fail
    Best Answer

    Broadcom Employee
    Posted Oct 01, 2019 04:17 AM

    Hi William,

     

    I just looked at one of my vApp 14.3 env and ntp is supposed to be configured ootb.

    On you vApp machine, as config user, could you run:

     

    service ntpd restart

    cat /var/log/messages

     

    and check the outcome of the restart.

    Maybe port udp/123 is blocked in your env and/or you have to configure ntp to use an internal ntp server. If this is the case then you can look at https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-suite/14-3/virtual-appliance/configuring-virtual-appliance.html#concept.dita_e8bc3a132b722521f1368d7a3210969a821df413_ConfigureTimeandNetworkTimeProtocol.

     

    By default, vApp uses the CentOS pool:

     

    server 0.centos.pool.ntp.org iburst

    server 1.centos.pool.ntp.org iburst

    server 2.centos.pool.ntp.org iburst

    server 3.centos.pool.ntp.org iburst

     

    Thanks

     




    Original Message


  • 3.  RE: Identity Suite - clock offset is xx seconds - CA Directory replication might fail

    Posted Oct 01, 2019 04:52 AM
    Hi Joffrey, thanks for the advice. I will try.

    regards,
    William
    Original Message