Sun Microsystems, Inc.  Oracle System Handbook - ISO 7.0 May 2018 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-72-1942229.1
Update Date:2014-11-06
Keywords:
Solution Type  Problem Resolution Sure

Solution  1942229.1 :   Oracle Key Manager (OKM) - Import of Data Unit on Key Transfer Partner reports "External Unique ID conflict"  

Related Items 
    

  • Oracle Key Manager
    •  
Related Categories 
    

  • PLA-Support>Sun Systems>TAPE>Backup Software-Filesystems>SN-TP: Encryption
    •  






In this Document


Symptoms


Cause


Solution



Created from <SR 3-9810101661>


Applies to:  

Oracle Key Manager - Version 2.0.0 and later
Information in this document applies to any platform.



Symptoms


Customer site reports the following:

Using a Transfer Partnership between 2 clusters, recieved an error "External Unique ID conflict" on one of the tapes. Checking the Data Unit List tape TF0028L4 is listed on the recieving cluster with a "no key" state. On the original cluster the tape shows there is one key assigned to the data unit.



Cause



The importing cluster (destination) already contains a different data unit having an external unique ID matching one of the data units in the key transfer file and the data unit IDs are different - hence the conflict.



The Audit Event Log on the key transfer partner KMA will report:

"External Unique ID conflict"
 


Solution


In this scenario, you will need to import the Data Unit via the command line using the overrideeuiconflict=true option.

Here is the command line import:

okm import --cacert=filename --usercert=filename --directory=dirname --oper=username --retries=retries --timeout=timeout --verbose=boolean --overrideeuiconflict=boolean --kma=networkaddress --input=filename --partner=transferpartnerid --keygroup=keygroupid

Here is an example of the command line import command from one of our labs:

okm import --cacert=ca.crt --usercert=clientkey.pem --directory=. --verbose=true --overrideeuiconflict=true --kma=xx.xx.xxx.xx --input=KMS-Key-Transfer-File-highland-2012-02-10-01-42-10Z.dat --partner=rpe-kma-02 --keygroup=MyKeyGroup

Please reference the OKM 2.5 Admin Guide, starting on page 400 it explains the various command line options:

http://docs.oracle.com/cd/E26076_02/en/E26025_03/E26025_03.pdf

You would execute the above commands from the server where you have the OKM GUI console installed. For example, assuming you have the OKM gui installed on a Windows box:

The command line utility "OKM.exe" will be located under:

c:> cd C:\Program Files\Oracle\Oracle Key Manager
C:\Program Files\Oracle\Oracle Key Manager
 



Attachments

This solution has no attachment


















       

Copyright © 2018 Oracle, Inc.  All rights reserved.

 Feedback