Environment
NetIQ AppManager 6.x
NetIQ AppManager 7.0.x
Situation
Key mismatch error occurs during discovery of the agent.
Error: 'Key Mismatch'
Error: 'Key Mismatch'
Resolution
To resolve this issue:
- On the Management Server, open a command prompt and type in the following, then copy the results to text files:
nqkeygenwindows -db databasename:sql_user:servername -info - On the agent in question, open a command prompt and type in the following, then copy the results to text files:
nqkeygenwindows -agentseclev
nqkeygenwindows -agentinfo Compare the key checksum values to see if they are the same. If they are the same, check the NTFS permissions on the directory where the key is stored on the agent by opening Windows Explorer and navigating to the following path:
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKey- Insure that your service account has Full Access (or at least READ) permission to the key files. The 'LocalSystem' account and local administrators group will always have full permissions.
Cause
The netiqmc service account was Domain User and did not have READ permission to the key files. Discovery failed because the netiqmc process could read the keys stored under:
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKey
Additional Information
Formerly known as NETIQKB48756