måndag 31 mars 2014

CBA Protected Servers

I'm configuring Certificate Based Authentication between the DPM Server and a few ProductionServers and I noticed that if you miss out on a really important step, at least myself got stuck with my head banging against a wall. 

When running the command Attach-ProductionServerWithCertificate.ps1 -DPMServername DPMServer -PSCredential <pathToBinFile> I got this error message

WARNING: Connecting to DPM server: DPMServer
There is failure while attaching production server with certificates
C:\Program Files\Microsoft System Center 2012\DPM\DPM\bin\Attach-ProductionServerWithCertificate.ps1 : DPM CPWrapper Service on the ProductionServer computer has encountered a failure and may
 be in an unusable state. Exception Message = The socket connection was aborted. This could be caused by an error processing your message or a receive timeout being exceeded by th
e remote host, or an underlying network resource issue. Local socket timeout was '00:00:59.9680000'..
At line:1 char:1
+ .\Attach-ProductionServerWithCertificate.ps1 -DPMServerName DPMServer -PSCredential  ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Attach-ProductionServerWithCertificate.ps1
- Check that the relevant firewall exceptions are configured correctly.
- Check if the certificate used by the DPM CPWrapper service on the ProductionServer computer is trusted by the peer server.
- Try to restart the DPM CPWrapper service on the ProductionServer computer.
And it turns out that the problem behind all this is the lack of the root certificate. Just install the root certificate in the Trusted Root Certification Authorities (and any intermediate certificates in the Intermediate Certification Authorites) you should be good to go!


Inga kommentarer:

Skicka en kommentar