Chapter 4: Basic Administration Tasks
Reinstalling a server or ADUC
61
Reinstalling a
server or ADUC
ADUC communicates with the SafeWord server (specifically, the
Administration Service), and each generates an SSL certificate (stored with
the component) to provide connection security and verify component identity.
When the server and ADUC are installed on the same machine, these
certificates remain synchronized. However, if they are installed on different
machines, and either component is reinstalled, the certificates may not remain
synchronized, and may need to be regenerated. An error message stating that
ADUC could not connect to the server typically indicates that certificates
require regeneration. There are two variations of this situation:
Reinstall the console, and keep the existing server installation
Reset the server's record of the old console's certificate:
1
Locate and open (in a text editor) the file called
clients.ini
in directory
<Install_Dir>\SERVERS\AdminServer\certificates
2
Locate and remove the line that looks like the following:
HOST_OR_IP_ADDRESS\:CN\=SccADUser-
Ext=DB\:A3\:E9\:4D\:7A\:A6\:A2\:8D\:A5\:B8\:3D\:4E\:E0\:C
D\:CF\:D3
where HOST_OR_IP_ADDRESS is the location of ADUC.
3
Save the file.
4
Restart the Administration Server.
Reinstall the server, and keep the existing ADUC installation
Reset the console's record of the old server's certificate:
1
Locate and open (in a text editor) the file called
servers.ini
in directory
<Install_Dir>\SERVERS\Shared
2
Locate and remove the line that looks like the following:
HOST_OR_IP_ADDRESS:5040=87:4d:76:49:47:a0:3b:23:e0:a8:52:
2e:8f:8c:6e:d6
where HOST_OR_IP_ADDRESS is the location of the SafeWord server
(for multiple servers, locate the line with the correct server address). If the
server was installed on a port other than 5040, then that port will appear in
place of 5040.
3
Save the file.
4
Restart ADUC.