An HSM-enabled DNS server must first be disabled in Address Manager before it can be replaced. Use the Replace function to replace an HSM-enabled DNS Server with a new server of the same type.
When a server is replaced in Address Manager, the new unit receives the Address Manager name and host name for the old server, along with the full deployment of services from Address Manager. BlueCat recommends using the same IPv4 address that was used on the old server on the new replacement DNS Server. This will allow the new DNS Server to easily re-join the HSM Security World.
If replacing an HSM-enabled DNS Server for use in an xHA pair, replace the server, making sure to enable HSM support from the Replace Server page, then create xHA. For more information, refer to OPTIONAL: Replacing HSM-enabled DNS/DHCP Servers in an xHA pair.
CommandNotSupportedException: Command: 61 not
supported by the server
.Do not attempt to take more than one DNS/DHCP Server under Address Manager control at the same time while enabling HSM. For example, from multiple browser tabs or windows, or from multiple admin users working in parallel (not necessarily from the same workstation). Doing so can result in misconfiguration of the DNS/DHCP Server.
To replace an HSM-enabled DNS Server:
- Log in to Address Manager via SSH as root.
- Run the following command:
hsm-status.sh
Address Manager should return ‘connection status OK’ for each HSM server. Ensure that the number of connection status messages matches the number of HSM servers you configured in the Address Manager user interface.
If Address Manager can't connect to an HSM server(s), or if the confirmed connections are less that the number of HSM servers added to the Address Manager user interface, refer to Troubleshooting.