Error occurred while createing/updating group x, some members version is older than primary member's version number

  • 7024045
  • 31-Jul-2019
  • 31-Jul-2019

Environment

Access Manager 4.5
Access Manager 4.4

Situation

Trying to promote a new 4.5 Access Gateway as primary to migrate older versions out of the cluster.

Get "Error occurred while createing/updating group x, some members version is older than primary member's version number"

 







Resolution

Reported to engineering and addressed in 4.5.1. 

Can workaround this issue in the Admin Console interface.

1) Click on Admin in Upper right and then choose “Manage Objects”
 
2) Click on Search and then for name search for ag-* and type use “romaAGDevice”
 
3) You should see ag-xxxxx for each ag in your setup.  You can temporarily modify “romaAGDeviceSAXMLDoc”.
 
4) Copy the value to notepad.
 
5) Where it has “DeviceVersion” change from pre 4.5 version to “4.5.0.1-5”. 

Paste the new value in and clikc ok and ok again.  (The 2nd one actually modifies the object and timestamps it)
 
6) Now back on Devices -> AG, if you updated each of the “older” versions to say 4.5.0.1-5” you can now change the primary to the AG that is actually installed with 4.5.
 
7) Once you change the primary, you can revert the changes you made reverting on each AG, or if you plan to replace  the older versions you should be able to remove them without getting error.

Additional Information

Have a customer trying to upgrade from NAM 4.4.3 to 4.5. AC and IDPs are upgraded, and we are working on the AG appliances now. They have 3 separate clusters of 2 AG’s each. We have gotten the 4.5 AG appliances added to the clusters and everything is good there. We have been following the steps here: https://www.netiq.com/documentation/access-manager-45/install_upgrade/data/bzcvoqm.html#upgrade-ag-lin , specifically the workflow/process described in the New IP Address section of the Upgrading Access Gateway Appliance.
 
The issue we are having now is when we try and change the primary cluster member to one of the new AG’s, it gives us the following:
 
 "Error occurred while createing/updating group x, some members version is older than primary member's version number"
 
See screenshot:
 
https://www.screencast.com/t/pvWgIAwt
 
 That would be fine, but it never actually makes the change. We have tried to remove the old AG from the cluster, but can’t due to it being primary. Same story with deleting it entirely from the AC list.
 
 
The docs clearly state:
 
6 "On the Administration Console, specify AGA 1 as the primary server and click Update."