Off-box agent fails to bootstrap to the Symantec Security Information Manager (SSIM)

Article:TECH93496  |  Created: 2009-01-17  |  Updated: 2011-06-28  |  Article URL http://www.symantec.com/docs/TECH93496
Article Type
Technical Solution

Product(s)

Issue





Symptoms
You see the following messages in the sesa-agent log

ERROR [Logging] com.symantec.management.security.HostnameVerificationFailureException

SESA Agent Symc_ConfigProvider: Failed to bootstrap to primary management server https:


Solution



To resolve this issue adjust the hosts file in the SSIM and the collector. The host name listed in the collector hosts file must match the hostname as displayed in the Network settings tab in SSIM.
The hosts file entries should not be necessary if DNS is working properly.
To test if this is the issue, setup a hosts file entry. If the hosts file entry resolves the issue, the problem is name resolution.

  1. Start the SSIM Web GUI
  2. Click Network Settings tab
    Make a note of the Hostname listed.
  3. Minimize the SSIM Web GUI
  4. On the Collector machine, open the hosts file in a text editor
    • In Windows by default
    1. C:\Windows\system32\drivers\etc\hosts or C:\Windows NT\system32\drivers\etc\hosts
    • In Linux
    1. Log in and provide the password.
    2. Type 'su -' then press Enter.
    3. Provide the root password.
    4. Type vi /etc/hosts
  5. If it is not already present, add an entry for the SSIM including its IP address, and the hostname as you saw in step 2 above.
  6. Save the changes to the hosts file.
  7. Get the Hostname of the collector machine.
    • If Windows
    1. Click Start.
    2. Click Run.
    3. Type cmd then press Enter.
    4. At the command prompt type hostname then press Enter.
    5. Make a note of the hostname that is returned.
    • If Linux
    1. Log in and provide the password.
    2. Type 'su -' then press Enter.
    3. Provide the root password.
    4. Type hostname then press Enter.
    5. Make a note of the hostname that is returned.
  8. Go back to the SSIM web GUI (you should still be on the Network Settings tab).
  9. Click Edit hosts file.
  10. Add the entry for the collector using its IP address and the hostname you got from step 10.
    NOTE: DO NOT MODIFY the hosts file entry on the SSIM that points to the SSIM itself. Incorrect modifications to this entry will cause your SSIM to become inoperative.
  11. Click Save to hosts.


After this change, bootstrap the agent to the SSIM appliance: How to bootstrap the Symantec Security Information Manager (SSIM) Agent on a collector computer


Another possible solution is that bootstrapping is disabled to that appliance.

  1. Start the SSIM client and log in as Administrator.
  2. Click System - Appliance Configurations.
  3. Navigate to and click on the Appliance.
  4. In the right pane, uncheck "Disable bootstrapping" .
  5. Click Apply.


When you bootstrap a collector you must be logged in to the collector machine with sufficient privileges to perform administrative functions. To test this, log in to the collector machine as root or administrator and test the bootstrapping procedure.




Legacy ID



2009041711222854


Article URL http://www.symantec.com/docs/TECH93496


Terms of use for this information are found in Legal Notices