hub discovery and security.cfg syncronization

Document ID : KB000117128
Last Modified Date : 29/10/2018
Show Technical Document Details
Question:
We have multiple hubs and aggerates, all are connected via tunnels.
In the adminconsole we can define users and manage there access to hubs/robots correctly.
However the roles do not map to the IM console at all, infact only administrator can successfully manage anything other than the core hub/robots.
Several people in the organisation have looked at this and we are at a loss.
How can we correct this?


UIM server version: 8.858 hub version: 7.93
Environment:
UIM server version: 8.858
hub version: 7.93
Answer:
This should be an automatic process.
Does the primary have the highest version?
If so please do the following to try and correct
1) set the controller loglevel to 3 and logsize to 5000 on the primary hub and a secondary hub you want to test
2) set the hub loglevel to 3 and logsize to 35000 on both
3) restart the robot service on the primary so get a clean startup of in the log
4) bring up the probe utility for the primary hub
5) select the hubsec_setup_put command Key: secure_callbacks_from_primary_hub_only Value: yes key: security_config_propagation value: no https://docops.ca.com/ca-unified-infrastructure-management-probes/ga/en/alphabetical-probe-articles/hub/hub-release-notes :
6) on the secondary stop the robot service
7) remove the security.* files to a backup folder
8) start the robot service
9) you should see the security.cfg files recreated within 15 minutes from the primary with the same version number
10) test logging in.

If not using tunnels make sure to setup a named mapping in the hub GUI in both directions on the hubs.