Problems with scripting and nsradmin after a password change

Good day all,

Here are the facts:

NetWorker version - 8.2.4.4

NMC server installed separate from Zone Servers

Migrating from an old NetWorker Server to a new NetWorker Server (same NW versions)

Scripts detailed below to migrate the clients (worked last Thursday and didn't work yesterday)

NetWorker password was locked over the weekend

Unlocked and reset the password in AD and via NMC (unfortunately Security won't let us go longer than 90 days without a password change and I missed it this time)

This is a 2 script process:

nsrmig1.pl

nsrmig2db.pl

nsrmig1.pl creates the query to run the migration from a prepopluated text file that contains only client names:

#!/usr/bin/perl

#

# nsrmig1.pl - Extract key information about NSR clients and prepare client create syntax for migration.

#

# Check for presence of file given as argument.

if ( ! -f $ARGV[0] ) {

  die "No such file '$ARGV[0]'.";

}

# Read file for list of clients.

open(CLIENTS,"$ARGV[0]") || die "Cannot open file '$ARGV[0]' for reading.";

@clients = ;

close(CLIENTS);

# Open search output file.

open(SEARCH,">$ARGV[0].mig1") || die "Cannot open search file for output.";

print SEARCH "show name;client id;comment;parallelism;save set;scheduled backup;aliases\n\n\n";

# Iterate over clients to create the search syntax.

foreach $client (sort @clients) {

  chop($client);

  print SEARCH ". type:nsr client;scheduled backup:enabled;name:${client}\np\n\n";

}

# Close the search output file.

close(SEARCH);

exit(0);

The 2nd file nsrmig2db.pl creates the "create" and "disable" files to be run against the gaining NetWorker Zone Server (file_name.create) and against the losing NetWorker Zone server (file_name.disable)

#!/usr/bin/perl

#

# nsrmig2.pl - Extract key information about NSR clients and prepare client create syntax for migration.

#

use POSIX qw(strftime);

# Check for presence of file given as argument.

if ( ! -f $ARGV[0] || ! -f "$ARGV[0].mig1" ) {

  die "No such file '$ARGV[0]/$ARGV[0].mig1'.";

}

# Check for server name as argument.

if ( length($ARGV[1]) == 0 ) {

  die "No server name given.";

}

# Run the search. Massage output.

my $searchout = qx#/usr/sbin/nsradmin -s $ARGV[1] -i $ARGV[0].mig1#;

$searchout =~ s/Current query set//g;

$searchout =~ s/;\n */;/g;

$searchout =~ s/\n */\n/g;

$searchout =~ s/ [\\]\n/ /g;

$searchout =~ s/;parallelism: 4;/;/g;

$searchout =~ s/;comment: ;/;/g;

$searchout =~ s/;save set: All;/;/g;

# Debug

# print $searchout; exit(0);

# Client creation output.

my $createout = $searchout;

$createout =~ s/name:/\ncreate type: nsr client;name:/g;

$createout =~ s/client id: [0-9a-z\-]*;//g;

$createout =~ s/name:/group: cloud-db-%;retention policy: 6 weeks;browse policy: 6 weeks;name:/g;

# Iterate over entries and assign a group.

my @groups = ("a", "b", "c", "d", "e", "f", "g");

my $cnt = 0;

while ( index($createout,"%") != -1 ) {

  $createout =~ s/%/$groups[$cnt]/;

  $cnt = 0 if $cnt++ > 5;

}

# Debug

#print "$createout\n"; exit(0);

# Write create script.

open(CREATE,">$ARGV[0].mig2.create") || die "Cannot create file: $ARGV[0].mig2.create";

print CREATE "$createout\n";

close(CREATE);

# Client disablement output.

open(DISABLE,">$ARGV[0].mig2.disable") || die "Cannot create file: $ARGV[0].mig2.disable";

my $disableout = $searchout;

foreach $client ( grep(/name:/, split("\n",$disableout)) ) {

  $client =~ s/.*name: //;

  $client =~ s/;.*//;

  print DISABLE ". type: nsr client;scheduled backup:enabled;name: $client\nupdate scheduled backup:disabled;comment: \"DISABLED - Migrated - DO NOT ENABLE - " . strftime("%Y%m%d", localtime) . "\"\n\n";

}

close(DISABLE);

# Debug

#print "$disableout\n"; exit(0);

exit(0);

Like I said before, it was running perfectly fine Thursday and yesterday it no longer runs.  What I find interesting is I can connect to nsradmin and run the commands to obtain the information interactively.  However, offline / non-interactively, I receive the message in the file_name.create file:

No resources found for query:

create type: nsr client; group: group_name;retention policy: 6 weeks;name: client_name ;scheduled backup: enabled;type: nsr client;

The output from Thursday was like this:

create type: nsr client;group: group_name;retention policy: 6 weeks; browse policy: 6 weeks;name: client_name;scheduled backup: Enabled; comment: Any comments included in the comment field;save set: "Save sets";aliases: alias1,alias2;parallelism: 8;

I'm assuming there is something in the background I have missed when I changed the password via the following steps after changing it in Active Directory:

1. Log into NMC
2. Click Setup button
3. Click Setup (menu)
4. Configure Login Authentication
5. Ensure External Repository is selected and click Next
6. Change the password on each Authority servers (Do not cut and paste)
7. Click Next
8. Click Next
9. Click

I did see the following message on the “older” servers; “Unable to retrieve data while parsing lockbox phrase.  The lockbox phrase has an invalid format.”  My peer who has been here considerably longer than I said this is routine behavior after a password change

Coincidentally, there is nothing written to the daemon.raw log since I updated the password.

Any help is greatly appreciated as I still have over a thousand clients to migrate from 2 older zone servers that are being replaced by the zone servers.

Sincerely,

Lee