Problem: On a Unix/Linux server with multiple network interfaces running the Centrify DirectAudit agent, the agent will not connect to a Collector. The output of the "dainfo -d" command will show messages like the following:
Current state: The agent is not connected to a Collector
But a more specific message in the output will show the following:
Audit store 'Audit-North' services 10.238.2.135 Audit store 'Audit-South' services 10.202.254.119 Audit stores 'Audit-North' and 'Audit-South' are misconfigured to both contain this computer
Cause: The issue here is due to the server having multiple network interfaces. Since the server will have multiple IPs and if the IPs belongs to different AuditStore scopes, this will cause confusion to the CentrifyDA agent running on the server and will therefore not connect to any Collector.
Solution: Starting with the 2017 release (CentrifyDA 5.4.0) the following parameter in the /etc/centrifyda/centrifyda.conf file has been added to specify which AuditStore will be preferred:
Then run the "dareload" command and the agent will now connect to the Collector serving the Audit-North AuditStore.