We upgraded our Storage Manager to 5.3.1.0 but now the existing policies are not working.
I've notice that when I go to Identity Objects, the groups list is not the current groups in IDM.
Cybersecurity
DevOps Cloud (ADM)
IT Operations Cloud
If an answer to your question is correct, click on "Verify Answer" under the "More" button. The answer will now appear with a checkmark. Please be sure to always mark answers that resolve your issue as verified. Your fellow Community members will appreciate it! Learn more
We upgraded our Storage Manager to 5.3.1.0 but now the existing policies are not working.
I've notice that when I go to Identity Objects, the groups list is not the current groups in IDM.
nlou,
The latest version of Storage Manager is 5.3.2, and we recommend upgrading to that as it contains several key security fixes and bug fixes.
Did the Storage Manager Proxy Account (by default, smproxy) by any chance lose its permissions at the root of the tree? Or are these permissions blocked at a particular container in your tree?
Hi Grant,
How do I check the permission and where? Could it have lost permission after the upgrade?
By default the proxy account is granted Administrator privileges at the root of the tree. This should be checked through iManager.
However, you said that "when I go to Identity Objects, the groups list is not the current groups in IDM." What exactly does this mean? And when you say that "policies are not working", what behavior are you seeing? Are there any stuck events on the Pending Events queue?
No Pending Events.
What I'm expecting to see in Identity Objects are the groups that is currently in iManager but I don't see this.
I've gone to iManager but I don't know wher eto check the privileges? Are you able to give me a screenshot of this please?
In your tree view, you'll need to look at the trustees of the tree root object itself.
How? I can see SMProxy on the root of my tree but how do I check the permissions please?
If you can see the trustee assignment at the root of the tree, you should also be able to see the specific rights granted by that trustee assignment. The SMProxy account is typically granted Supervisor rights at the root of the tree.
If the SMProxy account does indeed have Supervisor rights there, then unless there is an IRF blocking those rights somewhere along the way, your permissions should be just fine. In that case, there's something else going on, and tracking that down will likely involve examining log files for various components and perhaps setting up a remote session. For that, you'll need to open a case with OpenText.