Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Subscriber Management] Syslog Message: 'authd[18144]: %DAEMON-3: sdb_app_access_line_entry_read_by_aci: aci key '': snapshot failed (-7)'



Article ID: KB33526 KB Last Updated: 28 Sep 2020Version: 1.0

This article explains the reason for the "authd[18144]: %DAEMON-3: sdb_app_access_line_entry_read_by_aci: aci key '<aci value>': snapshot failed (-7)" syslog message to be reported on MX Series broadband network gateways, and whether any action is required to clear it.



The following log messages are reported on MX Series broadband network gateways even when a subscriber with the specified ACI value is not present on the router:

authd[18144]: %DAEMON-3: sdb_app_access_line_entry_read_by_aci: aci key '<aci value>': snapshot failed (-7)
authd[18144]: %DAEMON-3: sdb_app_access_line_entry_read: aci key '<aci value>': read failed



Such messages appear when the general authentication process (authd) attempts to read the access network control protocol (ANCP) related parameters in a session database and such parameters are not found, probably because ANCP is not used for the subscriber's sessions. The trigger for authd for such behavior is the presence of the following configuration:

set access profile <profile name> radius options juniper-dsl-attributes

The above configuration causes dsl-attributes to be sent to the RADIUS server in Access-Request messages. For more information about dsl-attributes, refer to DSL Forum Vendor-Specific Attributes.



The messages are cosmetic and can be ignored. However, they can be numerous and fill up the log file.

To prevent these messages from filling up the logs, either delete the "access profile <profile name> radius options juniper-dsl-attributes" configuration or filter out the logs by using the following command:

syslog {
    file messages {
        any notice;
        authorization info;
        match "!(.*sdb_app_access_line_entry_read.*)";


Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search