Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
699
Views
5
Helpful
12
Replies

LMS 3.1 Baseline Template Deploy jobs hung

chris.mcgarrah
Level 1
Level 1

‎05-13-2009 07:56 AM

I am having a problem with deploy jobs run from the baseline template function. I have run compliance checks to several groups of switches. The checks accurately report some things out of compliance. When I try to run the deploy job to correct the items. The jobs stay in a pending state (or running state when viewed from the RME Job browser). Some of the commands have actually been executed on the device, but it seems random among commands and devices.

Labels:
0 Helpful
12 Replies 12

yjdabear
VIP Alumni
VIP Alumni

‎05-13-2009 08:14 AM

If the jobs you're referring to are in NetConfig, the perpetual running state points to LMS 3.1 hitting any combination of the three bugs (CSCsv95235 CSCsw39641 CSCsw88378) in this thread:

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Network%20Management&topicID=.ee71a02&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cd25f87

If the jobs still hang after applying the composite patch, it's due to a Solaris 10 bug (or actually several of them) that has no fix, but there's a workaround that'd need to be re-applied from time to time.

chris.mcgarrah
Level 1
Level 1
In response to yjdabear

‎05-13-2009 10:58 AM

This could be the issue, since we are using SSH. How do I get the consolidated patch? We are on Windwos, so it's not a Solaris 10 issue. Thanks.

0 Helpful

yjdabear
VIP Alumni
VIP Alumni
In response to chris.mcgarrah

‎05-13-2009 12:53 PM

You can request it through a TAC case, if the patch isn't already posted at the usual LMS/RME download area(s) on cisco.com. Just make sure it has the correct byte size and checksum noted in the aforementioned thread.

0 Helpful

chris.mcgarrah
Level 1
Level 1
In response to yjdabear

‎05-15-2009 04:51 AM

I have installed the patch and still have the problem. I will continue to work the case with TAC, but if you have any other ideas let me know. Thanks.

0 Helpful

yjdabear
VIP Alumni
VIP Alumni
In response to chris.mcgarrah

‎05-15-2009 06:35 AM

Well, now that I think about it, the Sol 10 bug(s) I was referring to is really a Java issue, which would make it platform-neutral. So try this:

- Locate the equivalent of NMSROOT/lib/jre/lib/security/java.security on Windows:

- Change the line where it says:

security.provider.1=sun.security.pkcs11.SunPKCS11

to

security.provider.1=sun.security.provider.Sun

So the file should end up looking like this:

...

security.provider.1=sun.security.provider.Sun

security.provider.2=sun.security.provider.Sun

...

Now restart dmgtd.

0 Helpful

chris.mcgarrah
Level 1
Level 1
In response to yjdabear

‎05-15-2009 07:25 AM

The only entry in my file is:

security.provider.1=sun.security.provider.Sun

I do not have an entry for:

security.provider.2=sun.security.provider.Sun

or one for:

security.provider.1=sun.security.pkcs11.SunPKCS11

should I add:

security.provider.2=sun.security.provider.Sun ? Thanks.

0 Helpful

yjdabear
VIP Alumni
VIP Alumni
In response to chris.mcgarrah

‎05-15-2009 07:47 AM

In that case, I wouldn't touch that file then.

Are you seeing other symptoms other than general job slowness (both NetConfig and ConfigSync, as noted in your other thread)? For example, my SyncArchive jobs were disappearing every so often, due to the aforementioned Java bug.

0 Helpful

Martin Ermel
VIP Alumni
VIP Alumni
In response to yjdabear

‎05-15-2009 11:57 AM

the patch you did get from TAC, which files did it contain and what is the MD5 checksum of each file ?

If it contains these two files, these checksums should be ok:

cmdsvc.jar 2b975bbd12faabae90d229e9a8a023c2

xdi.jar 326986eef9c9e46801a8623014ddd07e

if it does contain other files I am really interested in their names ....

I could not test them yet, but according to this thread they should be ok:

http://forum.cisco.com/eforum/servlet/NetProf;jsessionid=559782E832E957F07F5FCF947DF7BC7D.SJ2A?page=netprof&forum=Network%20Infrastructure&topic=Network%20Management&topicID=.ee71a02&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cd2...

0 Helpful

chris.mcgarrah
Level 1
Level 1
In response to Martin Ermel

‎05-15-2009 12:50 PM

I only received one file: xdi.zip which contained xdi.jar.

I did not get a cmdsvc.jar file. My understanding is that the correct xdi.jar file is a consolidated patch for the 3 bugs, so I don't know where cmdsvc.jar fits in the picture.

0 Helpful

chris.mcgarrah
Level 1
Level 1
In response to Martin Ermel

‎05-15-2009 01:04 PM

I only received one file: xdi.zip which contained xdi.jar.

I did not get a cmdsvc.jar file. My understanding is that the correct xdi.jar file is a consolidated patch for the 3 bugs, so I don't know where cmdsvc.jar fits in the picture.

0 Helpful

Martin Ermel
VIP Alumni
VIP Alumni
In response to chris.mcgarrah

‎05-15-2009 01:16 PM

cmdsvc.jar seems only to be of interest for bug CSCsx24218. I was just interested what TAC did send you. But xdi.jar is of interest for all the bugs. Now the MD5 checksum of your xdi.jar is of interest. I yet did get an outdated version of this file...

0 Helpful

yjdabear
VIP Alumni
VIP Alumni
In response to Martin Ermel

‎05-15-2009 02:52 PM

I think it's pretty clear, based on the three recent threads so far, that here're the latest patches:

2b975bbd12faabae90d229e9a8a023c2 cmdsvc.jar

326986eef9c9e46801a8623014ddd07e xdi.jar

I just opened a TAC case to get cmdsvc.jar, which I also reckon is probably solely for CSCsx24218.

0 Helpful
Customers Also Viewed These Support Documents