NetWorker: Unable to launch NMC with user credentials - Server message: Unauthorized access: The username or password is incorrect
Resumen: Users see 401 Unauthorized errors and SSL handshake failures when launching the NetWorker Management Console (NMC), caused by a corrupted AUTHC directory and mismatched keystore truststore credentials. ...
Este artículo se aplica a
Este artículo no se aplica a
Este artículo no está vinculado a ningún producto específico.
No se identifican todas las versiones del producto en este artículo.
Síntomas
- The following error is observed when running
authc_configorauthc_mgmtcommands on the NetWorker server.
[root@linux1 conf]# authc_mgmt -u administrator -e find-all-users
ERROR [main] (DefaultLogger.java:222) - Error while performing Operation:
com.emc.brs.auth.common.exception.BRHttpErrorException: 401 . Server message: Unauthorized access: The username or password is incorrect
at com.emc.brs.auth.client.template.impl.DefaultBRResponseErrorHandler.handleError(DefaultBRResponseErrorHandler.java:65) ~[auth-cli-with-dependencies.jar:?]
at org.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63) ~[auth-cli-with-dependencies.jar:?]
at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:819) ~[auth-cli-with-dependencies.jar:?]
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:777) ~[auth-cli-with-dependencies.jar:?]
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711) ~[auth-cli-with-dependencies.jar:?]
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:631) ~[auth-cli-with-dependencies.jar:?]
at com.emc.brs.auth.client.api.impl.DefaultBRSecurityContext.login(DefaultBRSecurityContext.java:71) ~[auth-cli-with-dependencies.jar:?]
at com.emc.brs.auth.cli.util.AdminUserServiceProxyImpl.getAdminUserService(AdminUserServiceProxyImpl.java:63) ~[auth-cli-with-dependencies.jar:?]
at com.emc.brs.auth.cli.commands.AuthUserCommand.findAllUsers(AuthUserCommand.java:161) ~[auth-cli-with-dependencies.jar:?]
at com.emc.brs.auth.cli.commands.AuthUserCommand.execute(AuthUserCommand.java:110) ~[auth-cli-with-dependencies.jar:?]
at com.emc.brs.auth.cli.core.AuthMgmtCmdExecutor.execute(AuthMgmtCmdExecutor.java:141) [auth-cli-with-dependencies.jar:?]
at com.emc.brs.auth.cli.core.AuthMgmt.executeCommand(AuthMgmt.java:170) [auth-cli-with-dependencies.jar:?]
at com.emc.brs.auth.cli.core.AuthMgmt.main(AuthMgmt.java:79) [auth-cli-with-dependencies.jar:?]
ERROR [main] (DefaultLogger.java:190) - Error executing command. Failure: 401 . Server message: Unauthorized access: The username or password is incorrect
Error executing command. Failure: 401 . Server message: Unauthorized access: The username or password is incorrect
- The NWUI.log reports the following:
Windows:
Linux:
C:\Program Files\EMC NetWorker\nsr\authc-server\tomcat\logs\nwui.log
Linux:
/nsr/authc/logs/nwui.log
ERROR [main] (DefaultLogger.java:190) - Error executing command. Failure: I/O error on POST request for "https://localhost:9090/auth-server/api/v1/sec/authenticate": PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed; nested exception is javax.net.ssl.SSLHandshakeException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
Invalid TrustStore. Try copying key "keystore.password" and its value from authc-server-app.properties to authc-cli-app.properties
or providing truststore password(-Djavax.net.ssl.trustStorePassword="Password") as JVM Parameter.
Error executing command. Failure: I/O error on POST request for "https://localhost:9090/auth-server/api/v1/sec/authenticate": PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed; nested exception is javax.net.ssl.SSLHandshakeException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
Invalid TrustStore. Try copying key "keystore.password" and its value from authc-server-app.properties to authc-cli-app.properties
or providing truststore password(-Djavax.net.ssl.trustStorePassword="Password") as JVM Parameter.
Causa
There is an issue with the authc.keystore:
Linux: /nsr/authc/conf/authc.keystore
Windows (Default): C:\Program Files\EMC NetWorker\nsr\authc-server\tomcat\conf\authc.keystore
In some scenarios, this issue may appear if the Authentication server (AUTHC) authcdb becomes corrupted. There are many potential causes for AUTHC corruption:
- Space issues on the NetWorker installation path.
- Database migration failure during NetWorker software update.
- Service termination or interruption during critical operation within the database.
- Antivirus or security tool modified or impacted files under the NetWorker installation path.
- Operating system level issues occurred within the NetWorker installation path.
- User modified files.
Resolución
Reconfigure the authcdb. If an external authority was configured, it must be reconfigured after following the below process. See Additional Info field for resources.
Before making any changes, ensure that adequate protection is performed using one or a combination of the following options.
- Ensure that the NetWorker installation path has adequate space. NetWorker starts to warn of space utilization issues after 85%. If space usage is high (90% or higher), reclaim or increase disk space.
- Create copies of
..\nsr\res\nsrdb,..\nsr\mm, and..\nsr\index(if space permits) - Perform 'Server Protection' backup job of NetWorker server and collect bootstrap details:
mminfo -B - If the NetWorker server is a Virtual Machine (VM), complete an image level snapshot.
Linux:
1. Open a root command prompt on the NetWorker server.
2. Stop NetWorker services: nsr_shutdown or nsr_shutdown -f
3. Rename the AUTHC folder: mv /nsr/authc/ /nsr/authc_original
4. Run the AUTHC service configuration script: /opt/nsr/authc-server/scripts/authc_configure.sh
NOTE: You are prompted to reconfigure the keystore password and the default NetWorker Administrator user password.
5. Start NetWorker services: systemctl start networker
Windows:
1. Open an Admin command prompt on the NetWorker server.
2. Stop NetWorker services: net stop nsrexecd /y
3. Uninstall NetWorker.
4. Rename the authc-server directory (default): C:\Program Files\EMC NetWorker\nsr\authc-server
5. Reinstall NetWorker using the same (or newer) NetWorker install package. During install you are prompted to reconfigure the AUTHC service and default NetWorker Administrator account.
NOTE: NetWorker packages can be downloaded from: Support for NetWorker | Drivers & Downloads.
Información adicional
- NetWorker: How to reset the Administrator password
- NetWorker: How To Set up AD/LDAP Authentication
- NetWorker: How to Configure AD or LDAP from the NetWorker Web User Interface
- NetWorker: How to Import or Replace Certificate Authority Signed Certificates for "AUTHC" and "NWUI" (Linux)
- NetWorker: How to Import or Replace Certificate Authority Signed Certificates for "AUTHC" and "NWUI" (Windows)
- NetWorker: Anti-virus Exclusion Considerations for NetWorker Server, Storage Node, or Client software
Productos afectados
NetWorker Family, NetWorkerProductos
NetWorker Management ConsolePropiedades del artículo
Número del artículo: 000204170
Tipo de artículo: Solution
Última modificación: 07 ene 2026
Versión: 4
Encuentre respuestas a sus preguntas de otros usuarios de Dell
Servicios de soporte
Compruebe si el dispositivo está cubierto por los servicios de soporte.