netsight+auth+failure

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered
I was playing around with LDAP integration on Netsight and I seem to have broken authentication. Is it possible to revert back to local auth as i can no longer access Netsight?
Photo of Justsomebodi

Justsomebodi

  • 1,572 Points 1k badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Nico Willamowski

Nico Willamowski

  • 886 Points 500 badge 2x thumb
Do you have enable "Authticate to OS on LDAP Failure"? So you can use your maybe the root user or another NetSight Administrator, which is local at Netsight.
Photo of Justsomebodi

Justsomebodi

  • 1,572 Points 1k badge 2x thumb
I don't know actually. The root user doesn't have access which makes me think something broke.
Photo of Andre K.

Andre K.

  • 356 Points 250 badge 2x thumb
Since the auth config is stored in the Netsight database I guess you would have to perform a manual restore of a db backup (if available). However I'm not confident enough to give detailed instructions on that as you may break your entire installation without proper guidance.

At first glance I could not find official information on how to perform a manual db restore. This would make a useful GTAC-KB article, imho. ;-)
Photo of Justsomebodi

Justsomebodi

  • 1,572 Points 1k badge 2x thumb
We don't have backups. I wonder if i could just edit the entry in the DB?
Photo of Andre K.

Andre K.

  • 356 Points 250 badge 2x thumb
well. I was able to find this in the netsight db:

mysql> select * from nsproperties;
+----+------------------------------+-------------------------------+
| ID | NAME | VALUE |
+----+------------------------------+-------------------------------+
| 1 | Automatic User Membership | false |
| 2 | serverAuthType | Default ( OS Authentication ) |
| 3 | serverAuthOSAuto | false |
| 4 | serverAuthOSGroup | NetSight Administrator |
| 5 | serverAuthLDAPConfig | None |
| 6 | serverAuthLDAPFailToOS | false |
| 7 | serverAuthLDAPGroup | NetSight Administrator |
| 8 | serverAuthRadiusConfig | None |
| 9 | serverAuthRadiusBackupConfig | None |
| 10 | serverAuthRadiusFailToOS | false |
| 11 | serverAuthRadiusGroup | NetSight Administrator |
+----+------------------------------+-------------------------------+
11 rows in set (0.00 sec)
 
Photo of Justsomebodi

Justsomebodi

  • 1,572 Points 1k badge 2x thumb
Hi what command did you use? When i try "mysql -u root -p" ubuntu says not installed?
Photo of Andre K.

Andre K.

  • 356 Points 250 badge 2x thumb
/usr/local/Enterasys_Networks/NetSight/mysql/bin/mysql -S /tmp/netsight_mysql.sock -u netsight -p

"root" will not have access to the db. Check the "Netsight Suite wide Tools User Guide" (Section 'Managing the Database') for the default password. However, I am not an expert considering the NS db and found that setting only by best guess. I don't know if changing it will suffice to solve your problem. If you are not forced to take desperate measures, I'd rather advise to contact support.

Photo of Justsomebodi

Justsomebodi

  • 1,572 Points 1k badge 2x thumb
That worked. You can just change the properties within the db.

Thanks
(Edited)