Symantec Access Management

  • Private Community
 View Only

  • 1.  Policy Server Upgrade fails with UpgradeReadinessCheck

    Posted May 06, 2020 09:18 AM

    Hi All,

     

    Am trying to upgrade policy server version from 12.80 to 12.8 SP3.

     

    Am getting below error,

     

    UpgradeReadinessCheck tool failed to start

      UpgradeReadinessCheck tool, which identifies 32-bit custom
      binaries and unsupported authentication schemes in the policy 
      store, failed with the following error:
      STDERR:
      STDOUT: INFO: Starting UpgradeReadinessCheck ....

      ERROR: Connection to Policy Store failed.
      RETURN: 255
      This typically occurs because the tool could not access the policy 
      store. Check that Layer7 SiteMinder Policy Server is running and 
      that you entered the correct super user password and try again.

     

     

    Can someone please help me on this to fix this issue.



  • 2.  RE: Policy Server Upgrade fails with UpgradeReadinessCheck

    Broadcom Employee
    Posted May 06, 2020 11:04 AM

    Hi Subash,

    Are you by chance using a non-default authentication port on the policy server?  If so, you'll need to set an environment variable to allow the UpgradeReadinessCheck tool to connect to the policy server.  From the policy server upgrade guide:

    (Optional) Perform this step only if you have changed the authentication port of the Policy Server from 44442 to a different port number. 
    • Add an environment variable named 
      URC_AUTHENTICATION_PORT
       and set the value with the authentication port (TCP) of Policy Server. 
      

      Example:
      

      Linux:
      
 export URC_AUTHENTICATION_PORT=32222

      Windows:
      
 set URC_AUTHENTICATION_PORT=32222

    I hope this helps,
    Pete
    Original Message


  • 3.  RE: Policy Server Upgrade fails with UpgradeReadinessCheck

    Posted May 06, 2020 12:07 PM
    Hi Pete,

    Hope the password is wrong. Becasue we are not using any custom ports.
    Is there is any way to reset the super user password ?
    If i reset the password with ./smreg -su <password> it will break anything ?
    After reset do i need to update this password somewhere ?

    Thanks,
    SUbash
    Original Message


  • 4.  RE: Policy Server Upgrade fails with UpgradeReadinessCheck
    Best Answer

    Broadcom Employee
    Posted May 07, 2020 02:14 AM
    Hi Subash,

    You mentioned :

    If i reset the password with ./smreg -su <password>

    as it seems you run the Policy Server on Linux, make sure that the
    deamon rngd runs or there's a symlink between /dev/random and
    /dev/urandom.

    ref.:

    Upgrade issue - java.lang.RuntimeException: AGENTAPI_FAILURE
    https://knowledge.broadcom.com/external/article?articleId=136736

    and about the custom ports :

    UpgradeReadinessCheck Tool is not Working
    https://knowledge.broadcom.com/external/article?articleId=125252

    I hope this helps,

    Best Regards,
    Patrick
    Original Message