Forum Discussion
CirrusError While Adding Peer Devices to Local Trust Domain
I have been working a SR with the support folks, and we have uncovered the following.
I locked down iControl SOAP access to my environment using the steps listed in K17459. Unfortunately, there appears to be a bug where this particular configuration object doesn't recognize CIDR notations.
As an example, I attempted both 192.168.1.0/24 and 192.168.1.0/255.255.255.0 to no avail. If I specify the exact IPs of the two DSC Members as individual IPs, the access is permitted.
The NSE and ENE are working toward writing a bug for this. I will update this thread once they have one assigned.
For those seeing this issue, use the workaround above (Specify individual IPs instead of CIDR) and you'll be able to continue with your work!
HTH
NimbostratusBesides the iControl SOAP allowed addresses you also need to ensure that the HTTPD allow list is not restricting communication. Was having the same issue. My iControl SOAP was allowing { All }, but it would still fail with the same error message "getDeviceInfo failed: [xmlHelpers.cpp:90 getXPathValue] expected 1 node for //faultstring, got 0".
Ensure you're allowing the IP address of the peer in your HTTPD allow list, which locks down access to the configuration utility. Issue the "list /sys httpd allow" command and if it's not allowing { All }, then modify it to include the IP address of the peer device by using "modify /sys httpd allow add { x.x.x.x/y }" where x.x.x.x/y is the IP or network address of the peer device. More information on using httpd allow in K13309.
