Privilege elevation profiles and Delphix replication
Because every Delphix Engine has a default Profile called sudo, which would normally exist on both the source and the target Delphix Engine, the name collisions that would otherwise prevent a successful failover are resolved automatically.
Only Profiles which are actually assigned to a host are replicated. All currently unassigned profiles are ignored.
Profile name collisions are resolved by prefixing the display names of duplicate Profiles with a unique object identifier. This is described in more detail in the next section.
A default Profile will not retain default status after replication failover. The Profile assigned as default on the replication target Delphix Engine will remain the default. Therefore, if the source Delphix Engine has a non-standard default Profile, it will need to be manually set as the new default on the replication target Delphix Engine after failover.
Caveats
By design, the Delphix Engine allows the creation of Profiles with duplicate names. This is not a bug. It exists for several reasons:
It allows replication failover to complete without duplicate Profile names triggering a collision.
It makes versioning possible, so that a Profile with the same name can have multiple versions as iterations are made (some of which may not be production-ready).
However, this behavior has the consequence of changing the display name of Profiles. Once a duplicate name exists, a unique object identifier is prefixed to the name. Any reference to such a Profile (such as assigning it to a host) must use the long format with the unique identifier. For example, a standard Delphix Engine has the following Profile:
Delphix5031HWv8> host privilegeElevation profile ls
Objects
NAME ISDEFAULT
sudo true
Operations
create
If a new profile that is also called "sudo" is created, the display names automatically change as follows:
Objects
NAME ISDEFAULT
`HOST_PRIVILEGE_ELEVATION_PROFILE-1/sudo true
`HOST_PRIVILEGE_ELEVATION_PROFILE-5/sudo false
Operations
create
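The post-failover check implied above (which Profile is the default on the target, and which Profiles can only be referenced by their long display name) can be scripted against the listing format. This is an added example, not Delphix code; the function names, the Profile name "custom_elevate" and the assumption that a non-duplicated name keeps its short form next to prefixed ones are hypothetical.

```python
import re
from collections import Counter

# Long display form shown above: <unique object identifier>/<profile name>,
# optionally preceded by the backtick printed in front of it in the listing.
LONG_FORM = re.compile(r"^`?(HOST_PRIVILEGE_ELEVATION_PROFILE-\d+)/(.+)$")

def parse_profiles(listing):
    """Turn the Objects table of a 'profile ls' listing into a list of dicts."""
    profiles, in_table = [], False
    for line in (raw.strip() for raw in listing.splitlines()):
        if line.split() == ["NAME", "ISDEFAULT"]:
            in_table = True
        elif line == "Operations":
            in_table = False
        elif in_table and len(line.split()) >= 2:
            display, flag = line.rsplit(None, 1)  # names may contain spaces
            m = LONG_FORM.match(display)
            profiles.append({"display": display,
                             "name": m.group(2) if m else display,
                             "is_default": flag == "true"})
    return profiles

def review_after_failover(listing, expected_default):
    """Compare the target's default Profile with the name expected from the source."""
    profiles = parse_profiles(listing)
    counts = Counter(p["name"] for p in profiles)
    defaults = [p for p in profiles if p["is_default"]]
    return {
        # Display name(s) currently flagged as default on the target.
        "default": [p["display"] for p in defaults],
        # False means the default must be set manually on the target.
        "default_ok": [p["name"] for p in defaults] == [expected_default],
        # Duplicated names: any reference must use these long display names.
        "long_form_required": [p["display"] for p in profiles
                               if counts[p["name"]] > 1],
    }

# Constructed sample: the duplicate-name listing above plus a hypothetical
# non-default Profile "custom_elevate" replicated from the source engine.
# Assumption: a name without a duplicate keeps its short display form.
SAMPLE = """Objects
NAME ISDEFAULT
`HOST_PRIVILEGE_ELEVATION_PROFILE-1/sudo true
`HOST_PRIVILEGE_ELEVATION_PROFILE-5/sudo false
custom_elevate false
Operations
create"""

if __name__ == "__main__":
    print(review_after_failover(SAMPLE, "custom_elevate"))
```

A default_ok of True only confirms the name; when that name also appears under long_form_required, confirm by object identifier which of the duplicates is the default.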
Known issues
It is not possible to delete a Profile. Attempting to do so results in an API error. However, Profiles can be renamed to something meaningful like "unused_1".
Profiles created that contain single quotation marks can no longer be selected. They become orphaned Profiles.
When pasting in script contents, the cursor does not correctly move to the end of the last line being pasted. Unless the cursor is moved to the end of the line before pressing ENTER, the script will not be complete.
Neither of the above issues has any operational impact.