WEM 4.6 Agents cannot communicate over External Trust

WEM 4.6 Agents cannot communicate over External Trust

book

Article ID: CTX236790

calendar_today

Updated On:

Description

WEM Broker and WEM Agent are in different domains in different forests,
A two-way External trust exists between these two domains.
WEM Agents are unable to establish a connection to the WEM broker, they are not listed in the WEM console > Administration > Agents

The WEM infrastructure debug log shows and exception:

10:42:17 Event -> MainBrokerWinSvc.<StartAgentBroker>b__40_0() : Connection in progress -> Client xxxxxxxxxxxx version 4.6.0.0 with Ip address xxxxx.xxxx.xxxx.xxxx
10:42:17 Exception -> AgentBrokerService.() : System.InvalidOperationException: Sequence contains no elements
   at System.Linq.Enumerable.First[TSource](IEnumerable`1 source)
   at Norskale.Broker.Agent.AgentBrokerService.()
10:42:17 Exception -> AgentBrokerService..ctor() : Sequence contains no elements
Also if we add WEM Agents in the same domain as the WEM Broker, they will only appears in the WEM console if we remove first the OU for the Agents in the trusted domain.
As long as trusted domain objects remain in the WEM console under 'Active Directory Objects > Machines' ,  the Agents that are in the same domain as the WEM Broker will also fail, and the WEM infrastructure debug log will shows a different exception:
10:44:41 Event -> MainBrokerWinSvc.<StartAgentBroker>b__40_0() : Connection in progress -> Client xxxxxxxxxxxxxxx version 4.6.0.0 with Ip address xx.xx.xx.xxx
10:44:42 Exception -> AgentBrokerService.() : System.AggregateException: One or more errors occurred. ---> System.InvalidOperationException: Sequence contains no elements
   at System.Linq.Enumerable.First[TSource](IEnumerable`1 source)
   at Norskale.Broker.Agent.AgentBrokerService..(VUEMADObject )
   at System.Linq.Parallel.SelectQueryOperator`2.SelectQueryOperatorEnumerator`1.MoveNext(TOutput& currentElement, TKey& currentKey)
   at System.Linq.Parallel.WhereQueryOperator`1.WhereQueryOperatorEnumerator`1.MoveNext(TInputOutput& currentElement, TKey& currentKey)
   at System.Linq.Parallel.StopAndGoSpoolingTask`2.SpoolingWork()
   at System.Linq.Parallel.SpoolingTaskBase.Work()
   at System.Linq.Parallel.QueryTask.BaseWork(Object unused)
   at System.Threading.Tasks.Task.Execute()
   --- End of inner exception stack trace ---
   at System.Linq.Parallel.QueryTaskGroupState.QueryEnd(Boolean userInitiatedDispose)
   at System.Linq.Parallel.DefaultMergeHelper`2.System.Linq.Parallel.IMergeHelper<TInputOutput>.Execute()
   at System.Linq.Parallel.MergeExecutor`1.Execute[TKey](PartitionedStream`2 partitions, Boolean ignoreOutput, ParallelMergeOptions options, TaskScheduler taskScheduler, Boolean isOrdered, CancellationState cancellationState, Int32 queryId)
   at System.Linq.Parallel.PartitionedStreamMerger`1.Receive[TKey](PartitionedStream`2 partitionedStream)
   at System.Linq.Parallel.WhereQueryOperator`1.WrapPartitionedStream[TKey](PartitionedStream`2 inputStream, IPartitionedStreamRecipient`1 recipient, Boolean preferStriping, QuerySettings settings)
   at System.Linq.Parallel.UnaryQueryOperator`2.UnaryQueryOperatorResults.ChildResultsRecipient.Receive[TKey](PartitionedStream`2 inputStream)
   at System.Linq.Parallel.UnaryQueryOperator`2.UnaryQueryOperatorResults.ChildResultsRecipient.Receive[TKey](PartitionedStream`2 inputStream)
   at System.Linq.Parallel.ScanQueryOperator`1.ScanEnumerableQueryOperatorResults.GivePartitionedStream(IPartitionedStreamRecipient`1 recipient)
   at System.Linq.Parallel.UnaryQueryOperator`2.UnaryQueryOperatorResults.GivePartitionedStream(IPartitionedStreamRecipient`1 recipient)
   at System.Linq.Parallel.UnaryQueryOperator`2.UnaryQueryOperatorResults.GivePartitionedStream(IPartitionedStreamRecipient`1 recipient)
   at System.Linq.Parallel.QueryOperator`1.GetOpenedEnumerator(Nullable`1 mergeOptions, Boolean suppressOrder, Boolean forEffect, QuerySettings querySettings)
   at System.Linq.Parallel.QueryOpeningEnumerator`1.OpenQuery()
   at System.Linq.Parallel.QueryOpeningEnumerator`1.MoveNext()
   at System.Linq.ParallelEnumerable.ToList[TSource](ParallelQuery`1 source)
   at Norskale.Broker.Agent.AgentBrokerService.(ActiveDirectoryComputer , ActiveDirectoryService , List`1 )
   at Norskale.Broker.Agent.AgentBrokerService.()
---> (Inner Exception #0) System.InvalidOperationException: Sequence contains no elements
   at System.Linq.Enumerable.First[TSource](IEnumerable`1 source)
   at Norskale.Broker.Agent.AgentBrokerService..(VUEMADObject )
   at System.Linq.Parallel.SelectQueryOperator`2.SelectQueryOperatorEnumerator`1.MoveNext(TOutput& currentElement, TKey& currentKey)
   at System.Linq.Parallel.WhereQueryOperator`1.WhereQueryOperatorEnumerator`1.MoveNext(TInputOutput& currentElement, TKey& currentKey)
   at System.Linq.Parallel.StopAndGoSpoolingTask`2.SpoolingWork()
   at System.Linq.Parallel.SpoolingTaskBase.Work()
   at System.Linq.Parallel.QueryTask.BaseWork(Object unused)
   at System.Threading.Tasks.Task.Execute()<---
Lastly, a similar problem exists with 'Active Directory Objects > users' objects.
As long as OUs from the trusted domain are listed there, the WEM Agent will fail to process users on any Agents ( same domain as broker and trusted domain)

Resolution


There are two possibilities:
  1. Change the External Trust to a Forest trust.
  2. Create a new WEM site in the Trusted location, this will require a new Broker with a new WEM database, however this new database can be hosted on the existing SQL server instance in the trustee domain, so it shouldn't be necessary to install a new a SQL server.

Problem Cause

This is by design, WEM 4.6 is using Global Catalog which is not aware of External Trusts

Issue/Introduction

WEM 4.6 Agents cannot communicate over External Trust