How to fix Crypto Objects initialization during moving,cloning.migrating docbase in Documentum?

Category:


How to fix Crypto Objects initialization during moving,cloning.migrating docbase in Documentum?

Crypto attributes have been damaged or there's a miss match with whats in the database and the aek.key file.


These steps have worked for me multiple time but no gurantees please backup before you jump into this.


NOTE:- :- has to be replaced by your actual values like docbase name ,password.


1. Stop the docbase.


2. Backup the database(Must if you screw something )

3. Rename the AEK file or back it some where else

4. From sql on the database, Use TOAD or any other SQL client, its easier to do it from there than from black screen.

SQL>; update dm_docbase_config_s set i_crypto_key = ' '.
SQL>; update dm_docbase_config_s set i_ticket_crypto_key = ''

5. Retrieve entry from dmi_vstamp_s for 'dm_docbase_config_crypto_key_init';

SQL&>; select r_object_id from dmi_vstamp_s where i_application ='dm_docbase_config_crypto_key_init';

6. Delete entry from dmi_object_type

SQL>; delete dmi_object_type where r_object_id = 'returned r_object_id from above';

7. Delete entry from dmi_vstamp_s itself

SQL>; delete from dmi_vstamp_s where r_object_id = 'returned r_object_id from step above'

8. Retrieve entry from dmi_vstamp_s for 'dm_docbase_config_ticket_crypto_key_init'.

SQL>; select r_object_id from dmi_vstamp_s where i_application = 'dm_docbase_config_ticket_crypto_key_init';

9. Delete entry from dmi_object_type

SQL>; delete dmi_object_type where r_object_id = 'returned r_object_id from above';

10. Delete entry from dmi_vstamp_s itself

SQL>; delete from dmi_vstamp_s where r_object_id = 'returned r_object_id from step above';

11. Truncate the tables dm_public_key_certificate_s

SQL>; delete dm_public_key_certificate_s;

12. Truncate the tables dm_cryptographic_key_s

SQL>; delete dm_cryptographic_key_s;

13. Run dm_crypto_create utility under $DM_HOME/bin, in order to create a new aek.key file. Even though you have multiple docbases in a machine, you should run this only one time. 


14. Run dm_encrypt_password utility to encrypt the database access password.

Prompt>; dm_encrypt_password -docbase -rdbms -encrypt

## These two steps are very important and if you miss them, it could be nightmare.


15. Check if views_valid is set to 0, 

Sql>;select views_valid from dm_type_s;

If its 1, then run the following command

Sql>;UPDATE dm_type_s SET views_valid = 0; 

16. Startup the docbases. 


NOTE :-The attributes deleted above are repopulated inside database, when Docbase starts- Don't worry about them.

Comments (0)

Post a Comment