- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Server Management - Systems Insight Manager
- >
- Hardware status polling locked out a domain user
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-16-2010 09:57 AM
тАО12-16-2010 09:57 AM
Hardware status polling locked out a domain user
The only way to stop the lockout situation for now is to disable Hardware status polling for hardware. But we need this task to run.
Please help. thanks,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-17-2010 02:31 PM - last edited on тАО06-29-2021 12:04 AM by Ramya_Heera
тАО12-17-2010 02:31 PM - last edited on тАО06-29-2021 12:04 AM by Ramya_Heera
Re: Hardware status polling locked out a domain user
Hi William,
To resolve this issue, restart Systems Insight Manager to remove any extraneous database records, and re-run
the discovery or identification task.
If still does not work, remove user from HP SIM database using mxnodesecurity command
To quickly find out the systems against which HP SIM is trying to authenticate using the specific account, from a command propmt run the following command:
mxnodesecurity -l
Output from this command has fixed width and can easily be imported in a spreadsheet to be filtered. You will be looking for something similar to the following:
NODENAME PROTOCOL USERNAME PASSWORD TRYOTHERS
simserver wbem domain\user ******** Yes
OPTION 1
Open HP SIM
For each one of the systems having the wrong credentials, do the following:
- In the "All Systems" view, select the system
- From the "Options" menu, select "Security", "Credentials", "System Credentials"
- From the table, select the wrong credentials and click on "Edit system credentials..."
- In the "Edit System Credentials" panel, click on "Show advanced protocol credentials"
- Click on the tab(s) related to the wrong credentials, amend them and click on "OK"
OPTION 2
The following procedure should be run using SQL Server Management Studio to connect to the server hosting HP SIM's database. The database used to host HP SIM's data is assumed to be Microsoft SQL Server 2005.
Use the following procedure:
- Open SQL Server Management Studio and connect to the server hosting SIM's database
- In the left pane, expand "Databases", "Insight_v50_0_xxxx" (where "Insight_v50_0_xxxx" is HP SIM's database), "Tables"
- Right-click "dbo.NodeCredentialMap" and select "Script Table as", "DELETE To", "New Query Editor Window"
- The query will be similar to the following: DELETE FROM [Insight_v50_0_14203480].[dbo].[NodeCredentialMap] WHERE protocol = 'wbem'
(change "wbem" with the relevant protocol if needed)
- Click on "run" and check the result
- Running mxnodesecurity -l on the CMS should produce no results for the wbem protocol (or the alternative one used in the above query)
thanks,
Aftab
Looking for a quick resolution to a technical issue for your HPE products? HPE Support Center Knowledge-base тАУ Just a Click Away!
See Self Help Post for more details
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-20-2010 07:48 AM
тАО12-20-2010 07:48 AM
Re: Hardware status polling locked out a domain user
I have unchecked WBEM protocol in the "Hardware status polling for servers" settings and it seems good. I suspected the specific user used his domain account credential to subscribe the WBEM event for some servers. But this is just a guess and workaround. I am still wondering why.
What I did before for troubleshooting was to remove the user account in SIM and reboot the server but didn't help.
I have run "mxnodesecurity -l" on the CMS. The user whose account has been locked is not on the list.
I followed the option 1 you mentioned. As I don't know which server caused trouble, I can't specify which system I should look into it for system credential.
I didn't run the option 2 yet as the SQL studio management hasn't been installed. I think this should be the same result as "mxnodesecurity -l -p wbem". I will give a try once I get SQL studio installed.
Thanks,
William