Prerequisites for Adding Data Collectors (Commvault Simpana)
• 64-bit OS. See the APTARE IT Analytics Certified Configurations Guide for supported operating systems.
• Support Java Runtime Environment (JRE) 10.0.2.
• For performance reasons, do not install Data Collectors on the same server as the APTARE IT Analytics Portal. However, if you must have both on the same server, verify that the Portal and Data Collector software do not reside in the same directory.
• Install only one Data Collector on a server (or OS instance).
• For most Backup Manager systems, install the Data Collector on a server that is in the same time zone as the backup server from which you are collecting data. For Veritas NetBackup and IBM Spectrum Protect (TSM) collection, the Data Collector server and backup server can be in different time zones.
• MS SQL Server needs to be accessible to the collector on a static TCP Port (1433 recommended), requiring a restart of the SQL database service, if not already configured.
• WMI Proxy access requires the following: Port 135 is required for skipped files collection and 445 for CIFS over TCP. A fixed port can be configured for WMI as specified at: http://msdn.microsoft.com/en-us/library/bb219447%28VS.85%29.aspx
• The Data Collector should be installed on the same server as the WMI proxy server.
• One Data Collector can include all of these backup products: Commvault Simpana, EMC Avamar, EMC NetWorker, EMC Data Domain, Veritas Backup Exec, Veritas NetBackup, HP Data Protector, IBM Spectrum Protect (TSM), and Generic Backup products. And, you also can include other enterprise objects, such as storage arrays, in this Data Collector.
Upgrade Troubleshooting: Microsoft SQL Server and Java 10
With release version 10.3 introducing support for Java 10, older versions of MS SQL Server may encounter compatibility issues. The following section covers potential workarounds. Collection occurs from the Microsoft SQL Server database used by the system the data collector is collecting from. The version of Java used by APTARE IT Analytics version 10.3 disables some insecure TLS algorithms by default. If collection fails with the following error in the collector logs, the version of MS SQL Server may be incompatible and not allow collection using the TLS algorithms enabled by default with Java 10.
Failed to establish JDBC connection to: jdbc:jtds:sqlserver://...
java.sql.SQLException: Network error IOException: null
at net.sourceforge.jtds.jdbc.JtdsConnection.<init>(JtdsConnection.java:437)
Upgrade MS SQL Server to the latest version to enable secure collection. Your MS SQL Server version may not be supported for APTARE IT Analytics version 10.3. If upgrade is not possible, a workaround can be attempted to restore compatibility. If the following steps do not resolve the issue, your version of MS SQL Server is not supported.
Use the following steps to modify the enabled algorithms to allow communication with the data collector:
1. Edit <collector install dir>/jre/conf/security/java.security.
2. Search for jdk.tls.disabledAlgorithms.
3. Copy the existing lines and comment (to have a backup for easy restore).
#jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
# EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
4. Remove 3DES_EDE_CBC.
#jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
# EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, DES40_CBC, RC4_40
5. Save the file.
6. Run checkinstall and verify collection succeeds.
If checkinstall does not succeed, each of the following algorithms can be individually re-enabled in an attempt to restore compatibility.
7. If checkinstall does not succeed, restore, remove RC4_40, save, re-run checkinstall.
#jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
# EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, DES40_CBC, 3DES_EDE_CBC
8. If checkinstall does not succeed, restore, remove DES40_CBC, save, re-run checkinstall.
#jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
# EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
EC keySize < 224, RC4_40, 3DES_EDE_CBC
9. If checkinstall does not succeed, restore, change the DH keySize as follows, save, re-run checkinstall.
#jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 1024, \
# EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
jdk.tls.disabledAlgorithms=TLSv3, RC4, MD5withRSA, DH keySize < 768, \
EC keySize < 224, DES40_CBC, RC4_40, 3DES_EDE_CBC
10. After a working configuration is found, restart the collector service.