Knowledge Search


×
 

[Security Director] Unable to delete unused objects or publish job hangs

  [KB34765] Show Article Properties


Summary:

Under some conditions, when attempting to delete shared objects from Security Director, the objects are not deleted.

Symptoms:
  • When you try to delete address or application objects from Security Director --> Configure --> Shared objects, it fails to delete the object with the error:
    "Failed to delete <name>, because it is in use by the few object(s). To delete <name>, it cannot be in use by any other object. To view its usage, click here."
  • Incorrect application signatures and schedulers shown in the preview configuration output.
  • Publish job many hang.
Cause:

After making a change to an address object or policy using an address object, the publish job did not run completely, was interrupted, or an unrecoverable database replication error occurred.

Whenever an address / application object is removed from a policy, the reference of that particular object will get removed from the AddressReferenceEntity / ApplicationReferenceEntity table along with USED_ADDRESSES_IDS_VIEW / SERVICES_REFERENCES table. If it doesn't get removed from the AddressReferenceEntity / ApplicationReferenceEntity, then while deleting the address /application object, the above error will be reported.

In case of application signatures and schedulers, if the entry does not get deleted from the ApplicationSignatureReferenceEntity / SchedulerReferenceEntity table, then the preview configuration will end up showing the symptoms listed in this article.
Solution:

Work-around: Run the attached script to clean up the stale references for shared objects. Contact JTAC with any questions or assistance using this script.

Before running this script, ensure all assigned services for the device have been published again. (Check Assigned, Published columns on the SD Device list.)

  1. Make a backup of the Space database by following the steps in Backing Up the Junos Space Network Management Platform Database. (The process is the same for all Space versions.)
  2. Download the script file CleanupStaleReferencesForSharedObjects_sh.zip.

  3. SCP the script file to the server and unzip.  (Unzip the script on the server to ensure file integrity.)
           Example:
          unzip CleanupStaleReferencesForSharedObjects​.zip
 
        4. Run Script:
            sh CleanupStaleReferencesForSharedObjects.sh  

 
Related KBs:
KB33777 - Device found in Security Director but not in Junos Space Platform
KB34766 - [Security Director] Deleted VPNs appear in publish objects in Security Director
KB34767 - [Security Director] Update firewall policy job failing in Security Director
 

Related Links: