Unsolved
This post is more than 5 years old
138 Posts
0
2062
sm_authority or authozie via Radius or another method
Hello All.
I looking for a solution fo authentication via Radius os some another way.
Something that i found is SM_Authority variable that i can change to "--env=SM_AUTHORITY=IDENTIFY=sm_authority,AUTHENTICATE=/usr/bin/perl /opt/InCharge/SAM/smarts/local/script/sm_authority.pl'" or put it directly into run.cmd as a variable.
So, i have 2 questions
1) Where can i get sm_authority_ldap.pl ?
2) When i try to use SM_AUTHORITY variable. i get next error in domain manager log file
[September 11, 2012 1:45:23 AM GMT+07:00 +582ms] t@1203198272 HTTP #2
AUTH-E-EUNKNOWNMSG-Authority /usr/bin/perl /opt/InCharge/SAM/smarts/local/script/sm_authority.pl sent unknown message "Bareword found where operator expected at (eval 53) line 1, near "/# credentials BrokerNonsecure/Nonsecure"
[September 11, 2012 1:45:23 AM GMT+07:00 +583ms] t@1203198272 HTTP #2
AUTH-E-EUNKNOWNMSG-Authority /usr/bin/perl /opt/InCharge/SAM/smarts/local/script/sm_authority.pl sent unknown message " (Missing operator before Nonsecure?)
[September 11, 2012 1:45:23 AM GMT+07:00 +586ms] t@1203198272 HTTP #2
AUTH-E-EUNKNOWNMSG-Authority /usr/bin/perl /opt/InCharge/SAM/smarts/local/script/sm_authority.pl sent unknown message "Bareword found where operator expected at (eval 56) line 1, near "/# 1. Change the privileges for BrokerNonsecure/Nonsecure"
First time after domain manager started, authorization works but second time i get errors and authorization cold.
if i put incorrect password is cold too.
I try to work with different versions of sm_authority.pl from DFM 7,8 and 9. But get same error.
Somebody have document how to work with sm_authority from EMC P.S?
Somebody have sm_authority_ldap.pl or script that authorize via another method?
My issue is get rid of serverConnect.conf file and manage user roles (Monitor, All) in Radius or DB server.
--
Best Regards
Baadsgaard
16 Posts
0
September 19th, 2012 12:00
Hello Hemulll,
Your issue may be stemming from the Perl script which is causing process forking to occur. The symptoms outlined in knowledge base aricle emc258213 matches what you're describing to me in the above post. Details from the article are as follows:
Symptoms:
LDAP sm_authority Perl script prevents users from logging into Ionix/Smarts SAM domain
LDAP sm_authority Perl script goes into a zombie state and prevents users from logging into Ionix/Smarts SAM domain
Cause:
Process forking is occuring in Perl, which can cause the SAM server to block connections using sm_authority.
Fix:
To resolve this issue and prevent Perl process forking, include the following within your Perl script before you make the LDAP connection:
$SIG{CHLD} = 'IGNORE'
Let me know if this answers your question.
Regards,
Joseph
Hemulll
138 Posts
0
September 19th, 2012 22:00
Hi!
Already solved this problem.
Important issue is when you put variable sm_authorize into runcmd_env.sh don't forget to put quotes ("")
SM_AUTHORITY="IDENTIFY=sm_authority,AUTHENTICATE=/usr/bin/perl /InCharge/SAM/smarts/local/script/sm_authority.pl"
U can download my sample from my blog
http://ionix-smarts.blogspot.com/
Baadsgaard
16 Posts
0
September 20th, 2012 15:00
Hi Hemulll,
Thank you for the update. Let me know if there's anything else I can do.
Regards,
Joseph
showmount
9 Posts
0
September 21st, 2012 05:00
Please remove my email address from this list.
HockeyWeasel
27 Posts
0
September 21st, 2012 07:00
Hello Pedro,
Since I don't see your name on this post, it may be because you are subscribed to this forum. I recommend to check and make sure to turn "Email Notification" off.
Hope this helps,
Regards,
TJ
EMC Technical Support Engineer III,
Ionix Smarts / NCM
VCP, EMCSA, EMCIE