There may be a situation where changes are being made in your Active Directory environment such as domain controller upgrades in which you no longer want QAS to communicate with decommissioned domain controllers.
It may be seen that QAS is still communicating with decommissioned servers while in the process.
If it is desired that QAS makes no communication with decommissioned servers then the following information will help to resolve that.
Product Defect ID 427080 - Decommissioned DC's are not removed from USN_CACHE
WORKAROUND:
To stop the vasd daemon from contacting decommissioned servers, perform the following in this order:
1) remove any hard coded entries from '/etc/opt/quest/vas/vas.conf'
2) run '#/opt/quest/bin/vastool flush srvinfo'
3) restart the vasd service
4) restart the vasproxyd service
5) run '#/opt/quest/bin/vastool flush'
6) restart the vasd service again
7) run '#/opt/quest/sbin/vasypd -x'
If you are not running vasypd then steps 4 and 7 can be left out.
Once you have done this test again that vasd and vasypd no longer have stored information on the decommissioned servers in the cache:
For vasypd run:
#/opt/quest/libexec/vas/sqlite3 -header /var/opt/quest/vas/vasypd/nismaps/rfc2307_nismaps.vdb "select * from vasypinfo"
For vasd run:
#/opt/quest/libexec/vas/sqlite3 /var/opt/quest/vas/vasd/vas_misc.vdb "select * from srvinfo"
and
#/opt/quest/libexec/vas/sqlite3 /var/opt/quest/vas/vasd/vas_misc.vdb "select * from usn_cache"
STATUS:
Product Defect 427080 - Decommissioned DC's are not removed from USN_CACHE will be fixed in a future release. It is planned to be fixed in a future release of the product.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center