Connection to Vulnerability Manager error when adding UNIX Agents to the SM Log Manager (NETIQKB70866)

  • 7770866
  • 04-Jan-2008
  • 20-Apr-2010

Environment

NetIQ Security Manager 6.5
NetIQ Security Manager for UNIX
NetIQ Security Manager for iSeries

Situation

Connection to Vulnerability Manager error when adding UNIX Agents to the SM Log Manager


Error: 'Unable to establish a connection to the Vulnerability Manager' when adding UNIX agents to the SM Log Manager

Am I using FIPS on my central Computer?

How do I know that FIPS is enabled or disabled?

When adding UNIX agents to Log Manager, you get the message 'Unable to establish a connection to the Vulnerability Manager'

Resolution

If FIPS is enabled, you will NOT be able to collect Log Manager logs for UNIX or iSeries, nor for legacy agents (6.0 and earlier).

The LogManager.log file (located in C:\Program Files\NetIQ Security Manager\OnePoint\log) contains a line that shows what the FIPS policy is set to.  Look for either of the following lines:

  • FIPS Policy:   FIPS Only Encryption
  • FIPS Policy:   Any Encryption

Any Encryption means that FIPS is disabled, while FIPS Only Encryption means that FIPS is enabled.

To disable FIPS:

  1. Run REGEDIT
  2. Navigate to HKLM\System\CurrentControlSet\Control\Lsa\
  3. Change the value for FIPSAlgorithmPolicy from 1 to 0.
  4. Exit Regedit.
  5. Restart the Central Computer.

Once the Central Computer is restarted, check the LogManager.log file.  Look for:

INFO  SMService.OPMaster: StartupLMService: Sucessfully launched NqSmLM process

You can also verify that the NqSmLm.exe subservice is running by opening TASKMGR and selecting the Show processes from all users check box.  NqSmLm.exe will show up in the Image Name column.
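
The checks described above, collected into one read-only PowerShell script (an added example, not NetIQ tooling or part of the original article). It assumes the default log path given in this article; the lookup of the Enabled value under the Lsa\FipsAlgorithmPolicy subkey is not from the article and covers Windows Vista / Server 2008 and later, where the setting is stored there.

```powershell
# Added example: read-only checks for the FIPS state described in this article.
# Registry key and log path are the ones named in the article; adjust if needed.
$LsaKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$LogPath = 'C:\Program Files\NetIQ Security Manager\OnePoint\log\LogManager.log'

function Get-FipsRegistryState {
    # Value named in the article: FIPSAlgorithmPolicy directly under Lsa.
    $legacy = (Get-ItemProperty -Path $LsaKey -Name 'FIPSAlgorithmPolicy' -ErrorAction SilentlyContinue).FIPSAlgorithmPolicy
    # Not from the article: Windows Vista / Server 2008 and later keep the
    # setting as the value 'Enabled' under the Lsa\FipsAlgorithmPolicy subkey.
    $subkey = (Get-ItemProperty -Path "$LsaKey\FipsAlgorithmPolicy" -Name 'Enabled' -ErrorAction SilentlyContinue).Enabled
    [pscustomobject]@{
        LsaValue      = $legacy
        SubkeyEnabled = $subkey
        FipsEnabled   = ($legacy -eq 1) -or ($subkey -eq 1)
    }
}

function Get-LogManagerEvidence {
    param([string]$Path = $LogPath)
    if (-not (Test-Path -LiteralPath $Path)) { return $null }
    $lines = @(Get-Content -LiteralPath $Path)
    # Take the last 'FIPS Policy:' line, assuming the log is appended to on each start.
    $hit = $lines | Select-String -Pattern 'FIPS Policy:\s+(.+)$' | Select-Object -Last 1
    $policy = $null
    if ($hit) { $policy = $hit.Matches[0].Groups[1].Value.Trim() }
    [pscustomobject]@{
        FipsPolicyLine   = $policy
        # Count of the 'No suitable driver' errors quoted under Cause.
        NoDriverErrors   = @($lines | Select-String -SimpleMatch -Pattern 'No suitable driver').Count
        # Matches the 'launched NqSmLM process' startup line without relying on its spelling.
        LmLaunchReported = [bool]($lines | Select-String -SimpleMatch -Pattern 'launched NqSmLM process')
    }
}

$reg  = Get-FipsRegistryState
$log  = Get-LogManagerEvidence          # $null when the log file is not found
$proc = [bool](Get-Process -Name 'NqSmLm' -ErrorAction SilentlyContinue)

[pscustomobject]@{
    RegistryFipsEnabled = $reg.FipsEnabled
    LogFipsPolicy       = $log.FipsPolicyLine
    NoDriverErrors      = $log.NoDriverErrors
    LmLaunchReported    = $log.LmLaunchReported
    NqSmLmRunning       = $proc
} | Format-List
```

A registry result of False alongside a FIPS Only Encryption log line suggests the Central Computer has not been restarted since the registry change.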

Cause

As noted in the installation guide under Appendix D, under the heading Upgrading Managed Windows Agents, in the NOTES section, if you configure a central computer to use FIPS-compliant algorithms for encryption, that central computer cannot communicate with legacy Windows agents (version 6.00 or earlier), UNIX agents, or iSeries agents.

Error as seen in the LogManager.log:

WARN [main] SQL Message detected while attempt a conneciton for pool: LogManager is: No suitable driver
WARN [main] SQL Error detected while attempt a conneciton for pool: LogManager is: java.sql.SQLException: No suitable driver
ERROR [main] [ConnectionPool].initializePool  LogManager on connection: 4 Failed to get a database connection
java.sql.SQLException: No suitable driver


From NqSmSvc.txt:

FIPS Policy:   FIPS Only Encryption

Event Type: Warning
Event Source: Security Manager
Event Category: None
Event ID: 31533
Date:  4/15/2010
Time:  12:24:28 PM
Description:   The NqSmLM is not running.  Restarting.

Additional Information

Formerly known as NETIQKB70866

If you need further assistance with this issue, please contact NetIQ Technical Support.