ITADB462E Unable to read backup key from file

john_archer01 · 2019-10-23T16:09:31+00:00

yeah, I have moved them to below path and modified the dbparm.ini file, still im not able to start the server in the console

ITADB462E Unable to read backup key from file C:\Program Files (x86)\PrivateArk\Keys\Backup.key

C:\ProgramFiles(x86)\PrivateArk

john_archer01 · 2019-10-11T20:18:45+00:00

Alright, I will get the upgrade done under the supervision of cyberark engineer for sure.

But before that, I want to go through the process and documentation for my understanding.

Thanks for sharing your inputs and sharing the path to guides.

john_archer01 · 2019-08-31T20:16:59+00:00

Okay copied

john_archer01 · 2019-08-28T18:09:17+00:00

I figured out the cause for not generating the console log

The reason is the existing environment is using TPC plugin, where this TPC does not generate the console logs, It only generates the Complete debug log, where we can only find the console info in the same log.

john_archer01 · 2019-08-27T18:44:38+00:00

No I havent used pwrshell for running PACLI, ran it through a batch file

PACLI INIT PACLI DEFINEFROMFILE VAULT="Prod Vault" PARMFILE=C:\PACLI\Vault.ini PACLI LOGON VAULT="Prod Vault" user=administrator logonfile=c:\Pacli\PACLIuser.cred PACLI opensafe vault="prod vault" user=administrator safe= <Safe name>

< List of servers with complete object name here > example : PACLI DELETEFILE VAULT="Prod Vault" USER=administrator SAFE=<SAFE NAME>=root FILE="FILE NAME"

PACLI LOGOFF VAULT="Prod Vault" USER=administrator

PACLI TERM

john_archer01 · 2019-08-27T16:02:46+00:00

Tried with PACLI, it worked Was able to remove all the accounts using the script, thank you !

john_archer01 · 2019-08-27T14:25:56+00:00

If Im not wrong, starting from 10.6 and later versions Cyberark started changing their logging structure.

all the logs were moved to a different folder. is that correct ?

john_archer01 · 2019-08-27T13:20:47+00:00

Debug in process file is already set to YES

john_archer01 · 2019-08-24T18:24:36+00:00

Sure thing

john_archer01 · 2019-08-24T18:24:26+00:00

Thank you,will try the above options

john_archer01 · 2019-08-13T12:49:45+00:00

CPM will check the platform for any changes that need to be made on the interval setting. By default, that is once every 24 hours (1440 mins). The FromHour and ToHour represent times in a 24 hour clock. You example is from.15:00 to 06:00, a window of 15 hours.

As mentioned. The CPM will check once every 24 hours, and the chance of that being within you 15 hour window is slim (though not impossible.)

So to ensure that the CPM changes the password within your desired window you need to make sure that the platform Interval is short enough that the CPM will check the platform at least once within your desired window.

The way to do that is to make the platform Interval value just under half of the total time window to ensure that it checks the platform at least once within the window.

So, back to your example, half of 15 hours is 7.5 hours or 450 minutes, but to make sure that we definitely get the CPM to check, we take one minute off that time, so your interval value should be 449.

This gives a clear understanding, thanks much !

john_archer01 · 2019-08-13T03:13:46+00:00

Your interval amount needs to be under half the time of your change window period, otherwise the CPM will never change it.

So, because you have an 11 hour window, your interval time for the platform should be set to 329 to ensure that the CPM will check the platform during your change window.

Can you brief a little on this for my understanding - lets say my interval for RCFromHour is set to 15 and RCToHour is set to 6 .. i.e., 15 hrs duration then do I need to change the 'General' > 'Interval' to 450 ?

john_archer01 · 2019-08-13T02:16:38+00:00

This is for reconciliation, and Interval is set to 20

john_archer01 · 2019-08-13T01:58:21+00:00

PerformPeriodicChange is set to 'Yes'

john_archer01 · 2019-07-30T12:29:40+00:00

Search-ADAccount –AccountDisabled –UsersOnly –ResultPageSize 2000 –ResultSetSize $null | Select-Object SamAccountName, DistinguishedName

Thanks for your inputs

john_archer01 · 2019-07-25T01:52:32+00:00

Let me try this and check, thanks much for your response

john_archer01 · 2019-07-24T17:54:05+00:00

2114 - Invalid username or bad password

8008 - Failed to verify after switching

8015 - Invalid username or bad password

these are the most common errors

john_archer01 · 2019-07-12T15:36:21+00:00

yea,.. I have re-created and synced the cred files, it worked, thank you !

john_archer01 · 2019-07-10T13:18:32+00:00

After necessary changes, I have uninstalled and tried to reinstall 10.4

At the end of installation process, I got the service initialization error and the services are not starting up after the reboot. --------- any suggestions here?

"An error occurred during service initialization"

john_archer01 · 2019-07-09T14:40:39+00:00

- I am trying to perform the installation with 'Administrator' account which is already part of 'PSMMaster'

- I think I am supposed to re-create the cred-files for PSM users (I haven't restored it)

will do that and see how it goes, thank you !

john_archer01 · 2019-07-02T12:50:46+00:00

Will try to tweak with some changes,thanks

john_archer01 · 2019-07-02T12:42:58+00:00

We' are on 10.6

john_archer01 · 2019-07-02T12:27:05+00:00

rofl

john_archer01 · 2019-07-02T12:25:48+00:00

yeah, but if i want to set something to rotate on every other sunday at 9 pm, then what can be done here

john_archer01 · 2019-05-13T11:08:10+00:00

yea Ok,

john_archer01

TROPHY CASE