2011-07-01 03:04 PM
Is there a CLI way of finding login credential issues with appliances from operations manager? I can see some of what I want from opening the managment console and scrolling through the hosts looking for red. But I'd prefer to do this without having to launch the console.
If I were very patient, I could run every host through 'dfm host diag <host>', but that would take a long time. Is there some other location for that information?
Solved! SEE THE SOLUTION
2011-07-01 07:49 PM
When Login credentials are not set or are incorrect, a warning event "Host Login Failed" is generated againt that host. This will be also avaiable on the report for events-warning.
Try the following command to see this report. It will show all the hosts whose Login credentials are not set or are incorrect.
C:\>dfm report view events-warning |findstr /L Login
Warning 2472 Host Login Failed 02 Jul 08:24 323 host1
Warning 2466 Host Login Failed 02 Jul 08:24 326 host2
Warning 2465 Host Login Failed 02 Jul 08:24 324 host3
Warning 2421 Host Login Failed 02 Jul 08:24 319 host4
Warning 2398 Host Login Failed 02 Jul 08:23 325 host5
On Linux it should be:
dfm report view events-warning|grep "Login"
I hope this helps.
2011-07-01 11:28 PM
Hmm. I'm not seeing that on this system.
From dfm host diag:
SNMP Version in Use SNMPv1
SNMPv1 Passed (565 ms)
SNMP Community nvidia_newsec
SNMP sysName netapp-hq05.nvidia.com
SNMP sysObjectID .188.8.131.52.4.1.789.2.1 (Filer)
SNMP productId 0050411198
SNMPv3 Failed: Authentication failure (incorrect password, community or key)
SNMPv3 Auth Protocol MD5
SNMPv3 Privacy Enabled No
SNMPv3 Username root
ICMP Echo Passed (21 ms)
HTTP Passed (6 ms)
NDMP Ping Passed (port 10000, 12 ms)
NDMP Connect Passed (308 ms)
NDMP MD5 Passwd Check Passed
RSH Login incorrect.
SSH Permission denied (publickey,password).
RLM Skipped (hostRLMAddress is empty)
XML (http port 80) HTTP POST - Authorization failed
But from the warning report:
# dfm reports view events-warning | grep -i login
I do have a matching historical line, but not for the filer that currently has the invalid password.
2011-07-02 12:37 AM
The report events-warning only show the current events. Once the condition that generated the event is resolved or the event is deleted manually by a DFM administrator ( or a user with the required privileges), it goes to the history. Now in your case as dfm diag suggests, the event condition hasn't been resolved as yet, so the possibilities are:
1. The Host Login Failed warning event hasn't been generated as yet . Very unlikely as once dfm diag starts showing the informationed for the Failed login, events do get generated within minutes. I assume you have waited enough to rule out this possibility.
2. Are all the dfm services running? See it with the command "dfm service list". If some are not, start them by command "dfm service start"
3. The Host Login Failed warning event generated but was deleted.
To see this, try the report of history events and of the deleted events.
dfm report view events-history <host_name or ID>
dfm report view events-history-deleted <host_name or ID>
Here you'll know when and by whom the event was deleted.
2011-07-05 02:43 PM
I see. It looks like someone has indeed deleted the event. Further testing seems to show that deleting the event triggers the managment console to turn the "login credentials" box to green as well.
I don't suppose there's any way to get DFM to post a new alert for this condition until I can get it repaired? Would be nice to have it more obvious that the data on this system is suspect.