Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Security Director] Unable to delete unused objects or publish job hangs

0

0

Article ID: KB34765 KB Last Updated: 24 Aug 2019Version: 1.0
Summary:

Under some conditions, when attempting to delete shared objects from Security Director, the objects are not deleted.

Symptoms:
  • When you try to delete address or application objects from Security Director --> Configure --> Shared objects, it fails to delete the object with the error:
    "Failed to delete <name>, because it is in use by the few object(s). To delete <name>, it cannot be in use by any other object. To view its usage, click here."
  • Incorrect application signatures and schedulers shown in the preview configuration output.
  • Publish job many hang.
Cause:

After making a change to an address object or policy using an address object, the publish job did not run completely, was interrupted, or an unrecoverable database replication error occurred.

Whenever an address / application object is removed from a policy, the reference of that particular object will get removed from the AddressReferenceEntity / ApplicationReferenceEntity table along with USED_ADDRESSES_IDS_VIEW / SERVICES_REFERENCES table. If it doesn't get removed from the AddressReferenceEntity / ApplicationReferenceEntity, then while deleting the address /application object, the above error will be reported.

In case of application signatures and schedulers, if the entry does not get deleted from the ApplicationSignatureReferenceEntity / SchedulerReferenceEntity table, then the preview configuration will end up showing the symptoms listed in this article.
Solution:

Work-around: Run the attached script to clean up the stale references for shared objects. Contact JTAC with any questions or assistance using this script.

Before running this script, ensure all assigned services for the device have been published again. (Check Assigned, Published columns on the SD Device list.)

  1. Make a backup of the Space database by following the steps in Backing Up the Junos Space Network Management Platform Database. (The process is the same for all Space versions.)
  2. Download the script file CleanupStaleReferencesForSharedObjects_sh.zip.

  3. SCP the script file to the server and unzip.  (Unzip the script on the server to ensure file integrity.)
           Example:
          unzip CleanupStaleReferencesForSharedObjects​.zip
 
        4. Run Script:
            sh CleanupStaleReferencesForSharedObjects.sh  

 
Related KBs:
KB33777 - Device found in Security Director but not in Junos Space Platform
KB34766 - [Security Director] Deleted VPNs appear in publish objects in Security Director
KB34767 - [Security Director] Update firewall policy job failing in Security Director
 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search