Error Messages
This section describes runtime error messages. For information about other types of runtime messages, see Alerts Playbook and Warning and Info Messages .
The alerts are grouped into the following categories:
Failed to Transform File During Rekey
LDT could not complete transformation on a file.
Related Messages:
-
LDT: Rekey failed for file [PathName] on GuardPoint [GuardPoint]
-
LDT: Extended attribute of inode [InodeNumber] is corrupted under GuardPoint [GuardPoint]
Solution: An I/O error is the most common cause of failure when updating LDT metadata. For I/O errors, fix the problem at the host OS or storage level, and then restore the file from a backup.
If you cannot find and fix the underlying host OS or storage issue that is causing the error, contact Customer Support for troubleshooting and recovery.
Failure to Suspend LDT
A request to stop LDT processing did not succeed. The suspend request was at the host level as part of a QoS schedule, or the suspend request was initiated by a user on the CipherTrust Manager.
Related Messages:
-
LDT: Failed to suspend rekey on all GuardPoints
-
LDT operations could not be suspended on the host
Solution: An I/O error is the most common cause of failure when updating the persistent state of a GuardPoint. For I/O errors, fix the problem at the host OS or storage level.
If a backup operation is in progress when this message occurs, you must fix the cause of the suspend failure and then restart the backup. If the backup has already completed when the alert message occurs, the backup image on the GuardPoint may have inconsistent data and LDT metadata. Discard this backup image and do a fresh backup.
If you cannot find and fix the host OS or storage issue, contact Customer Support for troubleshooting and recovery.
Failure to Start or Stop Transformation
The following general messages are recorded when there are errors attempting to start or stop LDT:
-
LDT: Failed to abort key rotation on GuardPoint [GuardPoint]
-
LDT: Failed to start
-
LDT: Failed to stop
-
LDT: Failed to exit
Solution: Examine system logs for additional information as to the cause. If you cannot find and fix the underlying host OS or storage issue that is causing the error, contact Customer Support for troubleshooting and recovery.
Failure to Restart Transformation
The following message is recorded when an attempt to restart transformation after a system reboot fails because the file system is mounted as read-only. Transformation on the specified GuardPoint cannot continue until the file system is mounted with write permission.
-
LDT: Skipped LDT recovery on read-only file system [GuardPoint]
Solution: Re-mount the file system with write permissions.
Failure to Schedule Relaunch
The following message indicates that a rekey request was sent to a Linux GuardPoint that was already undergoing data transformation, and an error was encountered when LDT attempted to defer the rekey request until after the current data transformation completes:
-
LDT: Failed to flag GuardPoint [GuardPoint] for deferred key rotation, error [Error]
Solution: Contact Thales Tech Support for help.
Temporary Failure to Start Transformation on a File
The following messages are recorded when there are communication issues or lack of resources on the host. Once the condition is corrected, transformation of the file continues automatically:
-
LDT: Insufficient memory condition encountered during LDT on GuardPoint [GuardPoint]
-
LDT: Encryption key for file [PathName] unavailable for LDT, possibly due to loss of communication to CipherTrust Manager
-
LDT: Aborting rekey of file [PathName] due to lack of free memory. Try closing other application to resolve the issue
Solution: Resolve the communication issues or increase the available resources, then verify that LDT has resumed processing.
Transient Condition while enabling GuardPoint
The following messages are recorded when a request is made to guard an LDT GuardPoint when GuardPoint initialization is already in progress. During the GuardPoint initialization, the system initializes MDS file associated with the GuardPoint in preparation for LDT. Initialization of the MDS file can take a few minutes. During this time, if the system retries the guard operation, one of the following messages displays.
Related Messages:
-
Not re-guarding path [path] (Reason: GuardPoint initialization already in progress)
-
Not re-guarding path [path] from container [container] (Reason: GuardPoint initialization already in progress)
Solution: Wait for the current GuardPoint initialization to complete and then resubmit the new GuardPoint initialization request if desired.
Transient Failure to Read LDT Attributes from NFS
NFS may incorrectly returns 0’s when reading LDT metadata from files in NFS shares. As LDT doesn’t expect 0’s returned for LDT attributes, it retries the read operation, and the second operation succeeds and returns valid LDT attribute.
The first read attempt returning 0’s results in the first warning message logged in the system log file as LDT attribute validation fails. However, the second read attempt succeeds and reads valid LDT attribute data, resulting in the second message logged in response to the first message. You can ignore the first warning message if both messages appear together in system log.
Failed to transform passthrough files for AD database files (Windows Only)
LDT skipped the transformation of passthrough files for all AD database files. The problem occurs when the AD database remains in the default folder location.
Related Messages:
-
Skipping transformation of passthrough file [filename]. The file resides in the boot directory. CTE cannot encrypt boot directory files.
-
Skipping transformation of passthrough file [filename]. CTE cannot encrypt these files. They are already encrypted using NTFS encryption or compressed.
-
Skipping transformation of passthrough file [filename]. File is not in a GuardPoint directory.
Solution: To fix this issue, move the AD database to any folder other than c:\windows or c:\program files.
