Unsolved
This post is more than 5 years old
6 Posts
0
15853
ITA 7.1.0 & OMSA 4.5.0 - Authentication failure(?)
Running in to an interesting problem here.
All machines are running W2K3 SP1 with OMSA 4.5.0 installed.
The IT Assistant Server is at version 7.1.0
SNMP has been correctly configured.
Discovery and inventory is running correctly.
A domain admin account has been created for CIM Discovery and verified to be correct.
Each morning I receive a critical alert for Authentication Failures occurring at 01:00 from every managed node.
Status polling is at 1 hour, Discovery at 23:00 every Monday, and Inventory at 00:00 every Tuesday.
Using the troubleshooting tool for CIM connectivity yields (using the aforementioned domain account) the following results:
Connected to - Windows Name Space, Server Name Space - OK
Failed to connect to - Client Name Space
Any idea what authentication could possibly be failing so consistently?
I assume the Client Name Space should fail in this instance because I am monitoring only servers and not workstations. (?)
Thank you.
mcvosi
22 Posts
0
November 8th, 2005 20:00
Grasshopper62
25 Posts
0
November 8th, 2005 21:00
I've got a similar problem. I don't see why the system would think that this is anonymous login.
I've done tests.
I conclude my ITA can make one level of connection to my system, but is failing at a 2nd layer.
When I use ITA Tools to troubleshoot a CIM connection -
Username: johndoe
Password: *****
I get Failed to connect to Windows Name Space. A wrong password does the same -- No windows Event Log errors.
If I change to a bogus domain format "\username"
Username: \johndoe
Password: ******
I get
-Success conected to Windows Name Space, Client Name Space
-Failed to connect to Server Name Space
If a wrong password is entered, I get the Failed to connect to Windows Name Space -- but Windows does throw and Event Log authentication error, so with "\" I know windows saw the wrong password.
Conclusion: the domain \ is required.
Since I don't have a domain or a domain server, it fails at the Server Name Space -- but I don't know what that means. Can I make a "local domain"? Will it help?
I also did a bunch of testing with other tools (WMI and Wbemtest), very cool.
They work if I specify server name as \\servername\root\cimv2. This doesn't work in ITA -- no can ping.
I presume that ITA is defaulting to the \root\cimv2 space, but frankly when I get messages like
"failed to connect to Server Name Space"
and nothing says what that means, I think the documentation....is lacking.
NicholasH
6 Posts
0
November 9th, 2005 11:00
NicholasH
6 Posts
0
November 9th, 2005 11:00
Thanks for the input.
As a last ditch attempt to resolve the "Client Name Space" issue, I installed W2KS on a Dimension 8300 desktop, and since that model is not supported by OMSA, I donwloaded the client instrumentation for the desktop machines.
Result - Can connect to client and windows namespace using a domain admin account, but no server namespace.
As far as the authentication errors go, I found a thread wherein it was stated that if you have multiple SNMP communities, (I have a SET community and a GET community) and the "Send authentication traps" is checked, you will get bomabarded with these types of messages.
So, I took the band-aid advice of simply unchecking the "Send authentication traps" checkbox and the errors disappeard.
I still have as yet to find a solution for the authentication messages, but in the meantime I'm only receiving alerts that I actually care about.
Grasshopper62
25 Posts
0
November 9th, 2005 15:00
Failed to connect to ... Server Name Space
I also tried \username, local\username, locahost\username, root\username,
%computername%\username
all to no avail.