|
|
Explanation: The parties on either end of a socket connection cannot mutually authenticate each other.
Ensure that the Symantec Product Authentication Service is installed and configured.
For complete installation instructions, see the NetBackup Security and Encryption Guide.
Check that both parties have a valid certificate by examining the listed expiry date from a bpnbat -WhoAmI. For example:
bpnbat -WhoAmI Name: JDOG Domain: MYCOMPANY Issued by: /CN=broker/OU=root@machine1.mycompany.com/O=vx Expiry Date: Sep 19 12:51:55 2009 GMT Authentication method: Microsoft Windows Operation completed successfully.
Shows an expiry date of September 19th, 2009. After 12:51:55 GMT this credential is no longer valid and a new credential is required.
If you are running from the NetBackup Administration console, close and reopen the console. The console automatically obtains a credential for the currently logged in identity, if possible. By default these certificates are valid for 24 hours. To set a longer default time, consult the following:
Ensure that the certificates for both sides either use the same broker, are children of the same root broker, or have trusts established between them.
More information is available on broker hierarchies and how to establish trust relationships between brokers.
Ensure that connectivity is possible between the physical systems in question. If general sockets cannot connect between the machines (such as ping and telnet), network issues unrelated to NetBackup may be the cause of this problem.
Ensure that the system has sufficient swap space and the following directories are not full: