Problem
The following error messages occur when running either 'nbrepo -a <package>' or 'nbrepo -list'.
Error Message
nbrepo -a <package_name>.sja
Adding package to the repository. This may take a few minutes...
Error: authorization failed.
The nbrepo debug log will show messages similar to the following:
<2> curlSendRequest: Http response body: {"errorCode":8000,"errorMessage":"User does not have permission(s) to perform the requested operation.","details":{}}
<2> curlSendRequest: Actual http response code: 401 , expected http response code: 201
<16> parseJSONErrorResponse: Error code returned by server is : 8000.
<16> parseJSONErrorResponse: Error message returned by server: User does not have permission(s) to perform the requested operation..
<16> addPackagesCmd: Failed to add deployment package metadata. Error code returned from curlSendRequest: 8000.
<2> NBClientCURL:~NBClientCURL: Performing curl_easy_cleanup()
<2> nbclnt_curl_prefnet::reset: Returning VN_STATUS_SUCCESS
<16> main: authorization failed.
<4> main: nbrepo exit status: [8000]
The nbwebservices debug log (OID 495) will show:
Resolve Exception: Subject does not have permission [MANAGE_FEDS_DATA] - Subject does not have permission [MANAGE_FEDS_DATA] at org.apache.shiro.authz.ModularRealmAuthorizer.checkPermission(ModularRealmAuthorizer.java:323)
Cause
The master server was a RedHat Linux VCS Cluster. At some time in the past an unknown hostname was auto-discovered. The extraneous name was mapped to the cluster and node names and causing the authorization failed error.
Any mapped host name in the Host Management section to the master (that is not a valid entry) can cause the failure.
Solution
Install the EEB associated with E-Track 3959035.
Confirm the first SERVER, CLIENT_NAME, and if applicable the CLUSTER_NAME are correct in the NetBackup configuration. If clustered, the CLIENT_NAME should be the hostname for the node, and the first SERVER should be the CLUSTER_NAME.
Execute the following commands and check the output to identify which host names are associated (mapped) to the master server hostname, and if clustered the individual node hostnames.
nbhostmgmt -list
nbhostmgmt -list -short
nbhostmgmt -list -json
Remove any host mapping entries associated to the master server or node UUIDs that are either incorrect or not needed. This can be done using the NetBackup Administration Console: Host Management > select UUID > right-click and Add or Remove Mapping > highlight the entry to remove > select "Remove".
Remove the /usr/openv/tmp/<bad.hostname>.1.webtoken.dat file
Re-run: nbrepo -a <package>
References
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.