Userlevel 1
I was playing around with LDAP integration on Netsight and I seem to have broken authentication. Is it possible to revert back to local auth as i can no longer access Netsight?

8 replies

Userlevel 2
Do you have enable "Authticate to OS on LDAP Failure"? So you can use your maybe the root user or another NetSight Administrator, which is local at Netsight.
Userlevel 1
I don't know actually. The root user doesn't have access which makes me think something broke.
Since the auth config is stored in the Netsight database I guess you would have to perform a manual restore of a db backup (if available). However I'm not confident enough to give detailed instructions on that as you may break your entire installation without proper guidance.

At first glance I could not find official information on how to perform a manual db restore. This would make a useful GTAC-KB article, imho. 😉
Userlevel 1
We don't have backups. I wonder if i could just edit the entry in the DB?
well. I was able to find this in the netsight db:

mysql> select * from nsproperties;
| 1 | Automatic User Membership | false |
| 2 | serverAuthType | Default ( OS Authentication ) |
| 3 | serverAuthOSAuto | false |
| 4 | serverAuthOSGroup | NetSight Administrator |
| 5 | serverAuthLDAPConfig | None |
| 6 | serverAuthLDAPFailToOS | false |
| 7 | serverAuthLDAPGroup | NetSight Administrator |
| 8 | serverAuthRadiusConfig | None |
| 9 | serverAuthRadiusBackupConfig | None |
| 10 | serverAuthRadiusFailToOS | false |
| 11 | serverAuthRadiusGroup | NetSight Administrator |
11 rows in set (0.00 sec)
Userlevel 1
Hi what command did you use? When i try "mysql -u root -p" ubuntu says not installed?
/usr/local/Enterasys_Networks/NetSight/mysql/bin/mysql -S /tmp/netsight_mysql.sock -u netsight -p
[/code]"root" will not have access to the db. Check the "Netsight Suite wide Tools User Guide" (Section 'Managing the Database') for the default password. However, I am not an expert considering the NS db and found that setting only by best guess. I don't know if changing it will suffice to solve your problem. If you are not forced to take desperate measures, I'd rather advise to contact support.
Userlevel 1
That worked. You can just change the properties within the db.