Environment
Privileged Account Manager 3.5.0.4
Privileged Account Manager 3.6
Privileged Account Manager 3.6.0.1
Situation
PAM login doesn’t work after upgrading 3.5.0.4 to 3.6 or 3.6.0.1
Logs at /opt/netiq/npum/logs/unifid.log record the following:
Error, Failed to load library lib/regclnt: /opt/netiq/npum/service/local/regclnt/lib/regclnt.so: undefined symbol: spf_ssl_compare_cipher_node
Error, Failed to load module regclnt: 120004(configuration error)
Error, Failed to load library lib/registry: /opt/netiq/npum/service/local/registry/lib/registry.so: undefined symbol: spf_ssl_compare_cipher_node
Error, Failed to load module registry: 120004(configuration error)
Logs at /opt/netiq/npum/logs/unifid.log record the following:
Error, Failed to load library lib/regclnt: /opt/netiq/npum/service/local/regclnt/lib/regclnt.so: undefined symbol: spf_ssl_compare_cipher_node
Error, Failed to load module regclnt: 120004(configuration error)
Error, Failed to load library lib/registry: /opt/netiq/npum/service/local/registry/lib/registry.so: undefined symbol: spf_ssl_compare_cipher_node
Error, Failed to load module registry: 120004(configuration error)
Resolution
- Please restore PAM 3.5.0.4 by following the steps provided below. PAM keeps an internal backup of files before packages are upgraded. The solution is to move back to these original packages before proceeding to step 2 below.
Below are examples of this operation for both Linux and Windows Managers:Script for Linux Manager
# Stop PAM service
/etc/init.d/npum stop
# Create a folder to keep copy of existing files
mkdir /opt/netiq/backup_36
# Take backup of existing files
mv /opt/netiq/npum/bin /opt/netiq/backup_36
mv /opt/netiq/npum/scripts /opt/netiq/backup_36
mv /opt/netiq/npum/lib /opt/netiq/backup_36
mv /opt/netiq/npum/spf.def /opt/netiq/backup_36
# Copy the files from PAM internal backup folders to working folders
cp -R /opt/netiq/npum/.backup/bin /opt/netiq/npum/
cp -R /opt/netiq/npum/.backup/scripts /opt/netiq/npum/
cp -R /opt/netiq/npum/.backup/lib /opt/netiq/npum/
cp -R /opt/netiq/npum/.backup/spf.def /opt/netiq/npum/
# start the service
/etc/init.d/npum startSteps for Windows Manager
- Stop PAM service.
e.g. Command prompt: net stop npum
Or Services console: stop “NetIQ Privileged Account Manager” service - Take a backup of the existing and following folders/files from the installation path (default C:\Program Files):
<install path>\netiq\npum\bin
<install path>\netiq\npum\lib
<install path>\netiq\npum\spf.def - Replace the working folders/files with the files from PAM internal backup folder
<install path>\netiq\npum\.backup\bin -> netiq\npum\
<install path>\netiq\npum\.backup\lib -> <install path>\netiq\npum\
<install path>\netiq\npum\.backup\spf.def -> <install path>\netiq\npum\ - Start the service.
e.g. Command prompt: net start npum
Or Services console : start “NetIQ Privileged Account Manager” service
- Stop PAM service.
- Chose one of the following upgrade paths, which should be successful:
- Upgrade from 3.5.0.4 to 3.5.0.5 and then proceed to upgrade to the 3.6.x version.
- Upgrading from 3.5.0.4 to 3.6.0.2 doesn't have this issue. Packages pulled from the channel provides 3.6.0.2 packages and not 3.6/3.6.0.1.