Cloning may cause orphaned records in the discovery_credentials table, even if there is a data preserver set up on the target instance, as well as the table being added to the excluded tables list on the source instance. This should mean that the table does not get touched at all during the clone, however, it is causing orphaned records.

Symptoms include those listed in the article below:
KB0719158 Discovery Credentials - Orphaned cause "SEVERE *** ERROR *** An error occurred while decrypting credentials from instance"

Steps to Reproduce

  1. Create discovery credentials on your source instance.
  2. Create discovery credentials on your target instance.
  3. Clone from your source instance to your target instance. 
  4. After the clone has completed, browse discovery_credentials records on your target instance.
  5. Viewing the 'Record not found' message when trying to open a credential shows orphaned records have been generated. 



This problem is under review. The workaround consists in creating a Data Preserver record for each of the following tables:

  • discovery_credentials
  • aws_credentials
  • basic_auth_credentials
  • cim_credentials
  • cloud_credential
  • cmdb_cloud_mgmt_credentials
  • jdbc_credentials
  • jms_credentials
  • openstack_credentials
  • sa_applicative_credentials
  • snmpv3_credentials
  • snmp_credentials
  • sn_cfg_chef_credentials
  • sn_cmp_azure_ea_credential
  • sn_cmp_infoblox_credentials
  • sn_cmp_node_credentials
  • sn_cmp_ssh_credentials
  • ssh_credentials
  • ssh_private_key_credentials
  • vmware_credentials
  • windows_credentials

 Please follow the steps below:

  1. Verify that the Discovery plugin is installed.
  2. In the Navigator, search for Credentials.
    3. Verify there are a variety of credential types (SSH, Windows, SNMP).
    4. On the source instance of a clone, type Preserve Data.
    5. Select Preserve Data under Clone Definition.
    6. Click on the New button.
    7. Name your preserver (i.e. SNMP to preserve the SNMP credentials).
    8. In the filter, type Credentials.
    9. Notice a host of tables, which are extensions of discovery_credentials, show up as suggestions.
    10. Select the table for each type of credential you want to preserve (i.e. snmp_credentials to preserve the SNMP credentials).
    11. Save the Preserver.
    12. Repeat steps 6 to 11 for each distinct type of credential you want to preserve.
    13. Go to your source instance and Request a clone using the target instance where you defined the new data preservers for each type of credential.
    14. When the clone is complete, return to the Credentials list on the target instance.
    15. Select one of the credentials. Notice the record will have been preserved and there are no orphaned records.

Note: When creating credentials on one instance, you should export the discovery credentials data using XML Export and import them into your other instances using XML Import. This will prevent creating the same discovery credentials data with different sys_ids.

Related Problem: PRB1305469

Seen In

Fuji Patch 11
Fuji Patch 9 Hot Fix 1
Geneva Patch 1
Geneva Patch 5
Geneva Patch 6
Geneva Patch 7
Helsinki Patch 4
Helsinki Patch 6 Hot Fix 1
Helsinki Patch 7
SR - IRM - Audit Management - New York 2019 Q3
SR - IRM - GRC Profiles - Madrid 2019 Q2
SR - IRM - GRC Workbench - New York 2019 Q3
SR - IRM - Policy and Compliance - Madrid 2019 Q2

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2019-08-08 09:54:08