Re: [Veritas-bu] KMS issues in SSO environment?!
Judy, Thank you for your reply. I am confused. The doc I referenced does not appear to contain anything that states Solaris only? Can you please provide a link, document#, or Etrack# for the other doc you referenced? Thanks, Kent From: judy_hinchcli...@administaff.com [mailto:judy_hinchcli...@administaff.com] Sent: Thursday, March 04, 2010 6:59 PM To: adam...@medsch.ucsf.edu; Eagle, Kent; veritas-bu@mailman.eng.auburn.edu Subject: RE: [Veritas-bu] KMS issues in SSO environment?! The bottom of the doc says for Solaris only. There is another doc that says on windows servers if you try to do two encrypted restores at the same time they will fail.. work around is to only do one restore at a time. From: veritas-bu-boun...@mailman.eng.auburn.edu [mailto:veritas-bu-boun...@mailman.eng.auburn.edu] On Behalf Of Adams, Dwayne Sent: Thursday, March 04, 2010 5:47 PM To: Eagle, Kent; veritas-bu@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] KMS issues in SSO environment?! Kent, I am planning for KMS now in my SSO environment. I am very interested in anything that your find out on this. Does this issue occur in all KMS + SSO installations? Thanks Dwayne Adams From: veritas-bu-boun...@mailman.eng.auburn.edu [mailto:veritas-bu-boun...@mailman.eng.auburn.edu] On Behalf Of Eagle, Kent Sent: Thursday, March 04, 2010 5:59 AM To: veritas-bu@mailman.eng.auburn.edu Subject: [Veritas-bu] KMS issues in SSO environment?! Greetings, We are running NBU 6.5.3.1 with a Quantum (ADIC) i2000 Scalar library. We currently have a bunch of LTO2 drives, but want to switch to LTO4 and get rid of our inline encryption appliances. We know about QEKM and QSKM, but are trying to go with a more vendor neutral solution. Also, an i500 or another i2000 library just to enable a built in feature of LTO4 is going to be a tuff sell to the bean counters. L In doing my research, I discovered that there is an issue with status 83 errors if you try to use KSM in an SSO environment. There are scant few technotes, etc.., but once you get deeper into the support matrix, people seem to know about it. Etrack #1765730 (Document ID #329579) indicates that it will be fixed in 6.5.6, which has not been posted for download yet. I can find no indication that NBU 7.x has this problem, or that it has been fixed. Having lived through all of the major upgrades, I know that support will be focused on 7.x problems before 6.x problems see daylight. At least that's the way it was from 3 to 4, 4 to 5, and 5 to 6. Has anyone received an engineering binary to address this, or were you able to wrangle more info out of Symnatec? Are you successfully running KSM right now in an SSO environment? I'd love to hear of any and all experiences, both negative (and hopefully) positive. P.S. - Yes, we've tested software based encryption; and the overhead was so great in our environment (plus the hit we took on compression) that it just isn't feasible. Thanks, Kent Visit our website at www.wilmingtontrust.com Investment products are not insured by the FDIC or any other governmental agency, are not deposits of or other obligations of or guaranteed by Wilmington Trust or any other bank or entity, and are subject to risks, including a possible loss of the principal amount invested. This e-mail and any files transmitted with it may contain confidential and/or proprietary information. It is intended solely for the use of the individual or entity who is the intended recipient. Unauthorized use of this information is prohibited. If you have received this in error, please contact the sender by replying to this message and delete this material from any system it may be on. ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] KMS issues in SSO environment?!
From: Judy Hinchcliffe Sent: Friday, March 05, 2010 2:40 PM To: 'Eagle, Kent'; adam...@medsch.ucsf.edu; veritas-bu@mailman.eng.auburn.edu Subject: RE: [Veritas-bu] KMS issues in SSO environment?! The other doc: http://seer.entsupport.symantec.com/docs/340737.htm for windows Look at the bottom of the doc, and my bad it says Solaris and Lunix as the operating systems. From: Eagle, Kent [mailto:kea...@wilmingtontrust.com] Sent: Friday, March 05, 2010 8:53 AM To: Judy Hinchcliffe; adam...@medsch.ucsf.edu; veritas-bu@mailman.eng.auburn.edu Subject: RE: [Veritas-bu] KMS issues in SSO environment?! Judy, Thank you for your reply. I am confused. The doc I referenced does not appear to contain anything that states Solaris only? Can you please provide a link, document#, or Etrack# for the other doc you referenced? Thanks, Kent From: judy_hinchcli...@administaff.com [mailto:judy_hinchcli...@administaff.com] Sent: Thursday, March 04, 2010 6:59 PM To: adam...@medsch.ucsf.edu; Eagle, Kent; veritas-bu@mailman.eng.auburn.edu Subject: RE: [Veritas-bu] KMS issues in SSO environment?! The bottom of the doc says for Solaris only. There is another doc that says on windows servers if you try to do two encrypted restores at the same time they will fail.. work around is to only do one restore at a time. From: veritas-bu-boun...@mailman.eng.auburn.edu [mailto:veritas-bu-boun...@mailman.eng.auburn.edu] On Behalf Of Adams, Dwayne Sent: Thursday, March 04, 2010 5:47 PM To: Eagle, Kent; veritas-bu@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] KMS issues in SSO environment?! Kent, I am planning for KMS now in my SSO environment. I am very interested in anything that your find out on this. Does this issue occur in all KMS + SSO installations? Thanks Dwayne Adams From: veritas-bu-boun...@mailman.eng.auburn.edu [mailto:veritas-bu-boun...@mailman.eng.auburn.edu] On Behalf Of Eagle, Kent Sent: Thursday, March 04, 2010 5:59 AM To: veritas-bu@mailman.eng.auburn.edu Subject: [Veritas-bu] KMS issues in SSO environment?! Greetings, We are running NBU 6.5.3.1 with a Quantum (ADIC) i2000 Scalar library. We currently have a bunch of LTO2 drives, but want to switch to LTO4 and get rid of our inline encryption appliances. We know about QEKM and QSKM, but are trying to go with a more vendor neutral solution. Also, an i500 or another i2000 library just to enable a built in feature of LTO4 is going to be a tuff sell to the bean counters. L In doing my research, I discovered that there is an issue with status 83 errors if you try to use KSM in an SSO environment. There are scant few technotes, etc.., but once you get deeper into the support matrix, people seem to know about it. Etrack #1765730 (Document ID #329579) indicates that it will be fixed in 6.5.6, which has not been posted for download yet. I can find no indication that NBU 7.x has this problem, or that it has been fixed. Having lived through all of the major upgrades, I know that support will be focused on 7.x problems before 6.x problems see daylight. At least that's the way it was from 3 to 4, 4 to 5, and 5 to 6. Has anyone received an engineering binary to address this, or were you able to wrangle more info out of Symnatec? Are you successfully running KSM right now in an SSO environment? I'd love to hear of any and all experiences, both negative (and hopefully) positive. P.S. - Yes, we've tested software based encryption; and the overhead was so great in our environment (plus the hit we took on compression) that it just isn't feasible. Thanks, Kent Visit our website at www.wilmingtontrust.com Investment products are not insured by the FDIC or any other governmental agency, are not deposits of or other obligations of or guaranteed by Wilmington Trust or any other bank or entity, and are subject to risks, including a possible loss of the principal amount invested. This e-mail and any files transmitted with it may contain confidential and/or proprietary information. It is intended solely for the use of the individual or entity who is the intended recipient. Unauthorized use of this information is prohibited. If you have received this in error, please contact the sender by replying to this message and delete this material from any system it may be on. ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] KMS issues in SSO environment?!
I'm running hardware LTO4 encrytion with 12 IBM LTO's in a Sun L1400 with KMS on nb 6.5.4 and haven't seen any issues. On 3/4/10, Eagle, Kent kea...@wilmingtontrust.com wrote: Greetings, We are running NBU 6.5.3.1 with a Quantum (ADIC) i2000 Scalar library. We currently have a bunch of LTO2 drives, but want to switch to LTO4 and get rid of our inline encryption appliances. We know about QEKM and QSKM, but are trying to go with a more vendor neutral solution. Also, an i500 or another i2000 library just to enable a built in feature of LTO4 is going to be a tuff sell to the bean counters. L In doing my research, I discovered that there is an issue with status 83 errors if you try to use KSM in an SSO environment. There are scant few technotes, etc.., but once you get deeper into the support matrix, people seem to know about it. Etrack #1765730 (Document ID #329579) indicates that it will be fixed in 6.5.6, which has not been posted for download yet. I can find no indication that NBU 7.x has this problem, or that it has been fixed. Having lived through all of the major upgrades, I know that support will be focused on 7.x problems before 6.x problems see daylight. At least that's the way it was from 3 to 4, 4 to 5, and 5 to 6. Has anyone received an engineering binary to address this, or were you able to wrangle more info out of Symnatec? Are you successfully running KSM right now in an SSO environment? I'd love to hear of any and all experiences, both negative (and hopefully) positive. P.S. - Yes, we've tested software based encryption; and the overhead was so great in our environment (plus the hit we took on compression) that it just isn't feasible. Thanks, Kent Visit our website at www.wilmingtontrust.com Investment products are not insured by the FDIC or any other governmental agency, are not deposits of or other obligations of or guaranteed by Wilmington Trust or any other bank or entity, and are subject to risks, including a possible loss of the principal amount invested. This e-mail and any files transmitted with it may contain confidential and/or proprietary information. It is intended solely for the use of the individual or entity who is the intended recipient. Unauthorized use of this information is prohibited. If you have received this in error, please contact the sender by replying to this message and delete this material from any system it may be on. ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] KMS issues in SSO environment?!
Kent, I am planning for KMS now in my SSO environment. I am very interested in anything that your find out on this. Does this issue occur in all KMS + SSO installations? Thanks Dwayne Adams From: veritas-bu-boun...@mailman.eng.auburn.edu [mailto:veritas-bu-boun...@mailman.eng.auburn.edu] On Behalf Of Eagle, Kent Sent: Thursday, March 04, 2010 5:59 AM To: veritas-bu@mailman.eng.auburn.edu Subject: [Veritas-bu] KMS issues in SSO environment?! Greetings, We are running NBU 6.5.3.1 with a Quantum (ADIC) i2000 Scalar library. We currently have a bunch of LTO2 drives, but want to switch to LTO4 and get rid of our inline encryption appliances. We know about QEKM and QSKM, but are trying to go with a more vendor neutral solution. Also, an i500 or another i2000 library just to enable a built in feature of LTO4 is going to be a tuff sell to the bean counters. :-( In doing my research, I discovered that there is an issue with status 83 errors if you try to use KSM in an SSO environment. There are scant few technotes, etc.., but once you get deeper into the support matrix, people seem to know about it. Etrack #1765730 (Document ID #329579) indicates that it will be fixed in 6.5.6, which has not been posted for download yet. I can find no indication that NBU 7.x has this problem, or that it has been fixed. Having lived through all of the major upgrades, I know that support will be focused on 7.x problems before 6.x problems see daylight. At least that's the way it was from 3 to 4, 4 to 5, and 5 to 6. Has anyone received an engineering binary to address this, or were you able to wrangle more info out of Symnatec? Are you successfully running KSM right now in an SSO environment? I'd love to hear of any and all experiences, both negative (and hopefully) positive. P.S. - Yes, we've tested software based encryption; and the overhead was so great in our environment (plus the hit we took on compression) that it just isn't feasible. Thanks, Kent Visit our website at www.wilmingtontrust.com Investment products are not insured by the FDIC or any other governmental agency, are not deposits of or other obligations of or guaranteed by Wilmington Trust or any other bank or entity, and are subject to risks, including a possible loss of the principal amount invested. This e-mail and any files transmitted with it may contain confidential and/or proprietary information. It is intended solely for the use of the individual or entity who is the intended recipient. Unauthorized use of this information is prohibited. If you have received this in error, please contact the sender by replying to this message and delete this material from any system it may be on. ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] KMS issues in SSO environment?!
The bottom of the doc says for Solaris only. There is another doc that says on windows servers if you try to do two encrypted restores at the same time they will fail.. work around is to only do one restore at a time. From: veritas-bu-boun...@mailman.eng.auburn.edu [mailto:veritas-bu-boun...@mailman.eng.auburn.edu] On Behalf Of Adams, Dwayne Sent: Thursday, March 04, 2010 5:47 PM To: Eagle, Kent; veritas-bu@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] KMS issues in SSO environment?! Kent, I am planning for KMS now in my SSO environment. I am very interested in anything that your find out on this. Does this issue occur in all KMS + SSO installations? Thanks Dwayne Adams From: veritas-bu-boun...@mailman.eng.auburn.edu [mailto:veritas-bu-boun...@mailman.eng.auburn.edu] On Behalf Of Eagle, Kent Sent: Thursday, March 04, 2010 5:59 AM To: veritas-bu@mailman.eng.auburn.edu Subject: [Veritas-bu] KMS issues in SSO environment?! Greetings, We are running NBU 6.5.3.1 with a Quantum (ADIC) i2000 Scalar library. We currently have a bunch of LTO2 drives, but want to switch to LTO4 and get rid of our inline encryption appliances. We know about QEKM and QSKM, but are trying to go with a more vendor neutral solution. Also, an i500 or another i2000 library just to enable a built in feature of LTO4 is going to be a tuff sell to the bean counters. L In doing my research, I discovered that there is an issue with status 83 errors if you try to use KSM in an SSO environment. There are scant few technotes, etc.., but once you get deeper into the support matrix, people seem to know about it. Etrack #1765730 (Document ID #329579) indicates that it will be fixed in 6.5.6, which has not been posted for download yet. I can find no indication that NBU 7.x has this problem, or that it has been fixed. Having lived through all of the major upgrades, I know that support will be focused on 7.x problems before 6.x problems see daylight. At least that's the way it was from 3 to 4, 4 to 5, and 5 to 6. Has anyone received an engineering binary to address this, or were you able to wrangle more info out of Symnatec? Are you successfully running KSM right now in an SSO environment? I'd love to hear of any and all experiences, both negative (and hopefully) positive. P.S. - Yes, we've tested software based encryption; and the overhead was so great in our environment (plus the hit we took on compression) that it just isn't feasible. Thanks, Kent Visit our website at www.wilmingtontrust.com Investment products are not insured by the FDIC or any other governmental agency, are not deposits of or other obligations of or guaranteed by Wilmington Trust or any other bank or entity, and are subject to risks, including a possible loss of the principal amount invested. This e-mail and any files transmitted with it may contain confidential and/or proprietary information. It is intended solely for the use of the individual or entity who is the intended recipient. Unauthorized use of this information is prohibited. If you have received this in error, please contact the sender by replying to this message and delete this material from any system it may be on. ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] KMS issues in SSO environment?!
I'm seeing this problem currently. For me, at this point, it isn't a huge deal, I'm having approx 1-2 failures per day. The strange thing is that it always fails on the same client/policy, which happens to be a client initiated SAP backup job. It also seems to happen some of the time when nothing else is really going on... Scott Chapman Senior Technical Specialist Storage and Database Administration ICBC - Victoria Ph: 250.414.7650 Cell: 250.213.9295 From: veritas-bu-boun...@mailman.eng.auburn.edu [mailto:veritas-bu-boun...@mailman.eng.auburn.edu] On Behalf Of Eagle, Kent Sent: Thursday, March 04, 2010 5:59 AM To: veritas-bu@mailman.eng.auburn.edu Subject: [Veritas-bu] KMS issues in SSO environment?! Greetings, We are running NBU 6.5.3.1 with a Quantum (ADIC) i2000 Scalar library. We currently have a bunch of LTO2 drives, but want to switch to LTO4 and get rid of our inline encryption appliances. We know about QEKM and QSKM, but are trying to go with a more vendor neutral solution. Also, an i500 or another i2000 library just to enable a built in feature of LTO4 is going to be a tuff sell to the bean counters. L In doing my research, I discovered that there is an issue with status 83 errors if you try to use KSM in an SSO environment. There are scant few technotes, etc.., but once you get deeper into the support matrix, people seem to know about it. Etrack #1765730 (Document ID #329579) indicates that it will be fixed in 6.5.6, which has not been posted for download yet. I can find no indication that NBU 7.x has this problem, or that it has been fixed. Having lived through all of the major upgrades, I know that support will be focused on 7.x problems before 6.x problems see daylight. At least that's the way it was from 3 to 4, 4 to 5, and 5 to 6. Has anyone received an engineering binary to address this, or were you able to wrangle more info out of Symnatec? Are you successfully running KSM right now in an SSO environment? I'd love to hear of any and all experiences, both negative (and hopefully) positive. P.S. - Yes, we've tested software based encryption; and the overhead was so great in our environment (plus the hit we took on compression) that it just isn't feasible. Thanks, Kent Visit our website at www.wilmingtontrust.com Investment products are not insured by the FDIC or any other governmental agency, are not deposits of or other obligations of or guaranteed by Wilmington Trust or any other bank or entity, and are subject to risks, including a possible loss of the principal amount invested. This e-mail and any files transmitted with it may contain confidential and/or proprietary information. It is intended solely for the use of the individual or entity who is the intended recipient. Unauthorized use of this information is prohibited. If you have received this in error, please contact the sender by replying to this message and delete this material from any system it may be on. This email and any attachments are intended only for the named recipient and may contain confidential and/or privileged material. Any unauthorized copying, dissemination or other use by a person other than the named recipient of this communication is prohibited. If you received this in error or are not named as a recipient, please notify the sender and destroy all copies of this email immediately. ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
Re: [Veritas-bu] KMS issues in SSO environment?!
I'm using IBM LTO4 in a Dell ML6010 (Rebadged ADIC i500) with KMS and SSO with no issues at all. I am using W2K8 X64 with NBU 6.5.4 We are using the IBM Drivers for the LTO4 as per compat matrix. We are a pretty small tape environment in the scheme of things though, with the library drives (2 of them) just being shared with 2 NBU Media servers. The drives are only used for dupe jobs. On 3/4/2010 2:53 PM, Travis Kelley wrote: I'm running hardware LTO4 encrytion with 12 IBM LTO's in a Sun L1400 with KMS on nb 6.5.4 and haven't seen any issues. On 3/4/10, Eagle, Kent kea...@wilmingtontrust.com wrote: Greetings, We are running NBU 6.5.3.1 with a Quantum (ADIC) i2000 Scalar library. We currently have a bunch of LTO2 drives, but want to switch to LTO4 and get rid of our inline encryption appliances. We know about QEKM and QSKM, but are trying to go with a more vendor neutral solution. Also, an i500 or another i2000 library just to enable a built in feature of LTO4 is going to be a tuff sell to the bean counters. L In doing my research, I discovered that there is an issue with status 83 errors if you try to use KSM in an SSO environment. There are scant few technotes, etc.., but once you get deeper into the support matrix, people seem to know about it. Etrack #1765730 (Document ID #329579) indicates that it will be fixed in 6.5.6, which has not been posted for download yet. I can find no indication that NBU 7.x has this problem, or that it has been fixed. Having lived through all of the major upgrades, I know that support will be focused on 7.x problems before 6.x problems see daylight. At least that's the way it was from 3 to 4, 4 to 5, and 5 to 6. Has anyone received an engineering binary to address this, or were you able to wrangle more info out of Symnatec? Are you successfully running KSM right now in an SSO environment? I'd love to hear of any and all experiences, both negative (and hopefully) positive. P.S. - Yes, we've tested software based encryption; and the overhead was so great in our environment (plus the hit we took on compression) that it just isn't feasible. Thanks, Kent Visit our website at www.wilmingtontrust.com Investment products are not insured by the FDIC or any other governmental agency, are not deposits of or other obligations of or guaranteed by Wilmington Trust or any other bank or entity, and are subject to risks, including a possible loss of the principal amount invested. This e-mail and any files transmitted with it may contain confidential and/or proprietary information. It is intended solely for the use of the individual or entity who is the intended recipient. Unauthorized use of this information is prohibited. If you have received this in error, please contact the sender by replying to this message and delete this material from any system it may be on. ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu ___ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu