Reset Search
 

 

Article

Unable to login to Netsight Console using LDAP or OS credentials

« Go Back

Information

 
TitleUnable to login to Netsight Console using LDAP or OS credentials
Symptoms
  • Upgrade NetSight from 6.1 or earlier to 6.2 or higher
  • Unable to login to Netsight Console using LDAP or OS credentials
  • Error message: User is not authorized
Environment
  • NetSight
  • Ubuntu Linux OS
  • Windows Server (see additional notes)
  • NetSight Suite: All Software versions
Cause
LDAP configuration incorrect. Fail to OS authentication not set in the software
Resolution
Restore access to GUI to gain access to LDAP configurations:
       1. SSH to NetSight appliance
       2. Change directory to <INSTALL_DIRECTORY>/NetSight/scripts
cd /usr/local/Extreme_Networks/NetSight/scripts
       3. Run mysql.sh
./mysql.sh
       4. Change database to use NetSight's Database with the following command:
use netsight;
       5. Show nsproperties table with the following command:
select * from nsproperties;

+----+------------------------------+------------------------+
| ID | NAME                                 | VALUE          |
+----+------------------------------+------------------------+
|  1 | serverAuthType               | LDAP Authentication    |
|  2 | serverAuthOSAuto             | false                  |
|  3 | serverAuthOSGroup            | NetSight Administrator |
|  4 | serverAuthLDAPConfig         | NSNAC401               |
|  5 | serverAuthLDAPFailToOS       | false                  |
|  6 | serverAuthLDAPGroup          | NetSight Administrator |
|  7 | serverAuthRadiusConfig       | 192.168.1.106          |
|  8 | serverAuthRadiusBackupConfig | None                   |
|  9 | serverAuthRadiusFailToOS     | false                  |
| 10 | serverAuthRadiusGroup        | NetSight Administrator |
+----+------------------------------+------------------------+
       6. Change AuthOSAuto, serverAuthLDAPFailToOS, andserverAuthRadiusFailToOS from false to true:
update nsproperties set VALUE ='true' where VALUE ='false';
       7. Show nsproperties table again:
select * from nsproperties;

+----+------------------------------+------------------------+
| ID | NAME                         | VALUE                  |
+----+------------------------------+------------------------+
|  1 | serverAuthType               | LDAP Authentication    |
|  2 | serverAuthOSAuto             | true                   |
|  3 | serverAuthOSGroup            | NetSight Administrator |
|  4 | serverAuthLDAPConfig         | NSNAC401               |
|  5 | serverAuthLDAPFailToOS       | true                   |
|  6 | serverAuthLDAPGroup          | NetSight Administrator |
|  7 | serverAuthRadiusConfig       | 192.168.1.106          |
|  8 | serverAuthRadiusBackupConfig | None                   |
|  9 | serverAuthRadiusFailToOS     | true                   |
| 10 | serverAuthRadiusGroup        | NetSight Administrator |
+----+------------------------------+------------------------+
10 rows in set (0.00 sec)
       8. Reattempt login to NetSight console with Operating System credentials.
       9. Fix LDAP configuration issues now that GUI is accessible.
Additional notes
You can set a specific property such as serverAuthLDAPFailToOS with the command:

Update nsproperties set value=’true’ where name=’serverAuthLDAPFailToOS’;

For a windows server
  1. open powershell,
  2. navigate to Netsight/scripts directory
  3. mysql is a cmd file.
  4. The rest of the commands are identical.

Regarding serverAuthOSAuto as false in top window - this is telling you that there is not fallback to OS credentials. This is often mistaken for being the correct setting.

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255