- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Server Management - Systems Insight Manager
- >
- Initial PSP Deployment and MxFailedAuthenticationE...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-21-2004 07:26 PM
тАО04-21-2004 07:26 PM
Initial PSP Deployment and MxFailedAuthenticationException
What I have done:
I have run mkpasswd for the AD Domain accounts for the service account & my user account that I loginto HPSIM and AD.
I also ran mkgroup for the Domain.
I can connect to the management server using PUTTY and SSH and can also connect running ssh from the OpenSSH/bin on the CMS server. (Using all of the acounts that I added.)
I can even run the setupc command ok from within a SSH sessoin.
When I try to schedule the Initial PSP task, it returns with the following:
Running tool Run Remote Deployment Utility with job id 41892.
Task Name :defRunNowTaskId_1082617156160_1
Job ID :41892
Tool Name :Run Remote Deployment Utility
Job State :Failed
User Name :A1\Dean.Simiana
Execute As User :A1\Dean.Simiana
Start Time :Thursday, 22 April 2004 16:59:16
End Time :Thursday, 22 April 2004 16:59:18
Elapsed Time :2 seconds 140 milliseconds
Node :sydmanage.a1.asic.gov.au
Status :Failed
Exit Code :0
STDOUT :
EXCEPTION CLASS :
com.hp.mx.exceptions.MxFailedAuthenticationException
EXCEPTION :
Authentication failed.
Any ideas please???
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-22-2004 07:51 AM
тАО04-22-2004 07:51 AM
Re: Initial PSP Deployment and MxFailedAuthenticationException
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-22-2004 10:28 AM
тАО04-22-2004 10:28 AM
Re: Initial PSP Deployment and MxFailedAuthenticationException
You should do the following steps to correct this.
1. Go to All Systems, find the node in question, click the blue link for the device and the properties page will appear.
2. Does the SSH protocol show up? If so, then at one point HP SIM correctly identified the protocol.
3. Go to ..\\Systems Insight Manager\config\sshtools\ and open the known_hosts file - I found wordpad is easiest. You now need to find the IP, DNS name, and DNS fully qualified name of the device - use edit/find - and delete all instances of this device (I have found a max of three entries). Save the file.
4. Find the device in the system list of HP SIM. Highlight the row.
5. Look again at the properties file for the device and review protocols - it might say for SSH - undefined - because it is not in the known_hosts file - good.
6. Go to Options-->Discovery-->Identify Systems and run the identification. It might take a little while. After awhile, SSH should now show up in the properties for this device.
7. Now try the Initial Proliant Support Pack install.
The issue here is that the public key in the HP SIM known_hosts file is not the same one currently being used by the remote system. Re-running Identify uses the HP SIM ssh client to try to log into the remote system which will re-populate the HP SIM known_hosts file with the current key.
If the initial Server Authentication is successful, the next test is if the CMS user (On Windows the user Administrator is always used by HP SIM) is authorized by the remote system by checking the passwd file. It then looks in
Possibly lots of steps - but it should work using the above. The idea is that both ends need to be in sysc.
rk
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-22-2004 01:03 PM
тАО04-22-2004 01:03 PM
Re: Initial PSP Deployment and MxFailedAuthenticationException
The target node does not have SSH installed on it, and is a Windows 2000 server, which I did not mention in my original post.
I also presume that the SIM system can connect to utself ok with ssh, as I can do so from the command line on that server using the OpenSSH ssh program.
I have cleared out the known_hosts and re-added the SSH keys, and have not had any luck.
I have also attached a text file that is an extract of the mx.log from the SIM server showing some more detail that I cannot quite interpret. I believe that there may be some problem still in the way that the SIM is SSH'ing itself, but I do not know where/why.
(ignore the password XXX in the file. I have stripped out the real password.)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-23-2004 07:39 AM
тАО04-23-2004 07:39 AM
Re: Initial PSP Deployment and MxFailedAuthenticationException
From a command window on the CMS, using ssh to connect to a remote system only verifies if the remote system has an operating SSH Server, and not if HP SIM can connect to it.
rk
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-28-2004 05:34 AM
тАО04-28-2004 05:34 AM
Re: Initial PSP Deployment and MxFailedAuthenticationException
THE INITIAL PSP INSTALL IS SPECIFICALLY DESIGNED TO LAND THE RIGHT STUFF AT A REMOTE NODE AND DOES NOT ASSUME ANY PRE-REQUISITES.
When run, the Initial PSP Install lets you select the correct Support Pack out of the Repository and prompts for Windows OS credentials to validate against when connecting with the remote node.
The remote node does not have to have anything running on it except Windows.
The steps of the Initial PSP Install are:
- Within hpSIM you select the target node(s)
- Select the Repository
- Provide Windows login credentials for the remote node(s), either a standalone system or domain/AD account
- hpSIM copies to a temporary location the selected PSP out of the repository
- hpSIM uses SSH with itself to spawn a command line to execute
- the command line that is executed calls the CLI part of the ProLiant Support Pack Remote Deployment Utility, SETUPC.EXE
- it passes the arguments supplied in the third step above and iterates for each node in the target list
That is, if the following are selected:
- Targets of NODE01, NODE02, NODE03
- A PSP with the XML control file of BP000001.XML
- A login/pw combination of MYDOMAIN\ADMINISTRATOR and SECRETPASS
...it will cause hpSIM to call OpenSSH on its own system and will pass the following:
SETUPC.EXE /t NODE01 /user:MYDOMAIN\ADMINISTRATOR /passwd SECRETPASS BP000001.XML
SETUPC.EXE /t NODE02 /user:MYDOMAIN\ADMINISTRATOR /passwd SECRETPASS BP000001.XML
SETUPC.EXE /t NODE03 /user:MYDOMAIN\ADMINISTRATOR /passwd SECRETPASS BP000001.XML
Note that it calls OpenSSH 3 times as it iterates through the node list.
OpenSSH does NOT have to be on the remote node. OpenSSH has to be on the hpSIM server and has to accept a key from hpSIM when it is called.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-28-2004 06:12 AM
тАО04-28-2004 06:12 AM
Re: Initial PSP Deployment and MxFailedAuthenticationException
rk
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-28-2004 11:59 AM
тАО04-28-2004 11:59 AM
Re: Initial PSP Deployment and MxFailedAuthenticationException
None of the other ssh type commands work either, such as netstat.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-28-2004 01:21 PM
тАО04-28-2004 01:21 PM
Re: Initial PSP Deployment and MxFailedAuthenticationException
Check that the local Administrator Account is in the passwd file.
If not, use the mx commands to add it. I reinstalled OpenSSH here and that was not in and I had the same issue as you, things like netstat didn't work.
Also, try logging into IM using teh account IM was installed under (if it was different) and try running the commands there.
Also, to test OpenSSH, you can try logging in to OpenSSH using either the SSH client or putty, that might identify the OpenSSH issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-28-2004 07:03 PM
тАО04-28-2004 07:03 PM
Re: Initial PSP Deployment and MxFailedAuthenticationException
Thanks for those suggestions.
I did not have the local Administrator account liusted in the SSH passwd file. The Serive account and my personal account were there. I addded Administrator and the Netstat type commands then worked. However the Initial PSP deployment did not.
After logging into SIM as the Service account, I was able to deploy the PSP's.
Hopefully HP will correct this or post a way to make it work for other accounts, or possibly I have not configured the security correctly in the SIM suff...
Thanks,
Dean.