- Community Home
- >
- Networking
- >
- IMC
- >
- IMC: Backup fails with AAA enabled
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-03-2015 11:58 PM - edited 12-03-2015 11:59 PM
12-03-2015 11:58 PM - edited 12-03-2015 11:59 PM
IMC: Backup fails with AAA enabled
Hello,
I just recognized that backup with IMC isn´t working after enabling AAA/RADIUS based login on the switch. It seems I´m missing something.
Let´s look at the switch configuration (HP A5500-EI, Software Version 5.20 Release 2221P20)
# domain default enable system # acl number 2201 name NMS rule 5 permit source 10.10.2.1 0 rule 10 deny # radius scheme RADIUS-Server primary authentication 10.10.1.1 key cipher SomeHashedPassword # domain system access-limit disable state active idle-cut disable self-service-url disable domain mydomain.com authentication default radius-scheme RADIUS-Server access-limit disable state active idle-cut disable self-service-url disable # local-user admin password cipher SomeHashedPassword authorization-attribute level 3 service-type lan-access service-type ssh telnet terminal service-type ftp service-type portal service-type web local-user RADIUSuser authorization-attribute level 3 service-type lan-access service-type ssh telnet terminal service-type ftp service-type portal service-type web local-user manager password cipher SomeHashedPassword authorization-attribute level 2 service-type telnet terminal local-user monitor password cipher SomeHashedPassword authorization-attribute level 1 service-type telnet terminal # snmp-agent [...] snmp-agent sys-info version v3 snmp-agent group v3 v3Group write-view ViewDefault notify-view ViewDefault acl 2201 snmp-agent target-host trap address udp-domain 10.10.2.1 params securityname HP_v3 v3 privacy snmp-agent usm-user v3 HP_v3 v3Group cipher authentication-mode sha SomeHashedPassword privacy-mode aes128 SomeHashedPassword acl 2201 # ssh server enable sftp server enable # user-interface aux 0 authentication-mode password set authentication password cipher $cSomeHashedPassword user-interface vty 0 15 authentication-mode scheme #
- With Putty/SSH I can happily login with user admin@system
- With Putty/SSH I can happily login with user RADIUSuser@mydomain.com
- IMC/SNMP works without any problems:
- IMC+SSH works with user admin@system and RADIUSuser@mydomain.com, e.g.:
- Let´s run "Configuration File Backup Result" within the "Configuration Center":
- What does the switch tell me with "dis log rev":
06:06:53:884 2015 SW47 CFGMAN/5/CFGMAN_CFGCHANGED: -EventIndex=49-CommandSource=2-ConfigSource=3-ConfigDestination=2; Configuration is changed. 06:06:52:803 2015 SW47 CFGMAN/5/CFGMAN_CFGCOPY: -OptType=6-OptTime=10103-OptState=14-OptEndTime=23434564; Configuration is copied. 06:05:11:725 2015 SW47 CFGMAN/5/CFGMAN_CFGCHANGED: -EventIndex=48-CommandSource=2-ConfigSource=3-ConfigDestination=2; Configuration is changed. 06:05:10:645 2015 SW47 CFGMAN/5/CFGMAN_CFGCHANGED: -EventIndex=47-CommandSource=2-ConfigSource=3-ConfigDestination=2; Configuration is changed. 06:05:09:911 2015 SW47 CFGMAN/5/CFGMAN_CFGCOPY: -OptType=3-OptTime=10326-OptState=14-OptEndTime=23424275; Configuration is copied. 06:03:45:251 2015 SW47 CFGMAN/5/CFGMAN_EXIT: Exit from configuration mode. 06:03:26:616 2015 SW47 CFGMAN/5/CFGMAN_CFGCHANGED: -EventIndex=46-CommandSource=2-ConfigSource=3-ConfigDestination=2; Configuration is changed. 05:59:52:144 2015 SW47 SSH/6/SSH_CONNECTION_CLOSE: STEL user admin@system (IP: 10.10.2.1) logged out because the SSH client closed the connection. 05:59:52:135 2015 SW47 SHELL/5/SHELL_LOGOUT: admin@system logged out from 10.10.2.1. 05:59:40:936 2015 SW47 SHELL/5/SHELL_LOGIN: admin@system logged in from 10.10.2.1. 05:59:40:826 2015 SW47 SSH/6/SSH_LOGIN: STEL user admin@system (IP: 10.10.2.1) logged in successfully. 05:59:40:800 2015 SW47 SC/6/SC_AAA_SUCCESS: -AAAType=ACCOUNT-AAAScheme= local-Service=login-UserName=admin@system; AAA is successful. 05:59:40:799 2015 SW47 SC/6/SC_AAA_LAUNCH: -AAAType=ACCOUNT-AAAScheme= local-Service=login-UserName=admin@system; AAA launched. 05:59:40:796 2015 SW47 SC/6/SC_AAA_SUCCESS: -AAAType=AUTHOR-AAAScheme= local-Service=login-UserName=admin@system; AAA is successful. 05:59:40:795 2015 SW47 SC/6/SC_AAA_LAUNCH: -AAAType=AUTHOR-AAAScheme= local-Service=login-UserName=admin@system; AAA launched. 05:59:40:794 2015 SW47 SC/6/SC_AAA_SUCCESS: -AAAType=AUTHEN-AAAScheme= local-Service=login-UserName=admin@system; AAA is successful. 05:59:40:793 2015 SW47 SC/6/SC_AAA_LAUNCH: -AAAType=AUTHEN-AAAScheme= local-Service=login-UserName=admin@system; AAA launched. 05:59:27:087 2015 SW47 SSH/6/SSH_CONNECTION_CLOSE: STEL user admin@system (IP: 10.10.2.1) logged out because the SSH client closed the connection. 05:59:27:078 2015 SW47 SHELL/5/SHELL_LOGOUT: admin@system logged out from 10.10.2.1. 05:59:15:849 2015 SW47 SHELL/5/SHELL_LOGIN: admin@system logged in from 10.10.2.1. 05:59:15:740 2015 SW47 SSH/6/SSH_LOGIN: STEL user admin@system (IP: 10.10.2.1) logged in successfully. 05:59:15:723 2015 SW47 SC/6/SC_AAA_SUCCESS: -AAAType=ACCOUNT-AAAScheme= local-Service=login-UserName=admin@system; AAA is successful. 05:59:15:721 2015 SW47 SC/6/SC_AAA_LAUNCH: -AAAType=ACCOUNT-AAAScheme= local-Service=login-UserName=admin@system; AAA launched. 05:59:15:719 2015 SW47 SC/6/SC_AAA_SUCCESS: -AAAType=AUTHOR-AAAScheme= local-Service=login-UserName=admin@system; AAA is successful. 05:59:15:718 2015 SW47 SC/6/SC_AAA_LAUNCH: -AAAType=AUTHOR-AAAScheme= local-Service=login-UserName=admin@system; AAA launched. 05:59:15:716 2015 SW47 SC/6/SC_AAA_SUCCESS: -AAAType=AUTHEN-AAAScheme= local-Service=login-UserName=admin@system; AAA is successful. 05:59:15:715 2015 SW47 SC/6/SC_AAA_LAUNCH: -AAAType=AUTHEN-AAAScheme= local-Service=login-UserName=admin@system; AAA launched. 05:59:06:125 2015 SW47 SSH/6/SSH_CONNECTION_CLOSE: STEL user admin@system (IP: 10.10.2.1) logged out because the SSH client closed the connection. 05:59:06:115 2015 SW47 SHELL/5/SHELL_LOGOUT: admin@system logged out from 10.10.2.1. 05:58:54:912 2015 SW47 SHELL/5/SHELL_LOGIN: admin@system logged in from 10.10.2.1. 05:58:54:805 2015 SW47 SSH/6/SSH_LOGIN: STEL user admin@system (IP: 10.10.2.1) logged in successfully. 05:58:54:787 2015 SW47 SC/6/SC_AAA_SUCCESS: -AAAType=ACCOUNT-AAAScheme= local-Service=login-UserName=admin@system; AAA is successful. 05:58:54:786 2015 SW47 SC/6/SC_AAA_LAUNCH: -AAAType=ACCOUNT-AAAScheme= local-Service=login-UserName=admin@system; AAA launched. 05:58:54:783 2015 SW47 SC/6/SC_AAA_SUCCESS: -AAAType=AUTHOR-AAAScheme= local-Service=login-UserName=admin@system; AAA is successful. 05:58:54:782 2015 SW47 SC/6/SC_AAA_LAUNCH: -AAAType=AUTHOR-AAAScheme= local-Service=login-UserName=admin@system; AAA launched. 05:58:54:781 2015 SW47 SC/6/SC_AAA_SUCCESS: -AAAType=AUTHEN-AAAScheme= local-Service=login-UserName=admin@system; AAA is successful. 05:58:54:780 2015 SW47 SC/6/SC_AAA_LAUNCH: -AAAType=AUTHEN-AAAScheme= local-Service=login-UserName=admin@system; AAA launched.
- Interestingly, backup is running without any problems on other A5500-EI switches where only a normal "admin" user (without any RADIUS, additional domains configuration) is being configured. So it seems I´m missing something?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-04-2015 01:37 PM
12-04-2015 01:37 PM
Re: IMC: Backup fails with AAA enabled
My guess is that the script isn't handling the extra '@' very well. What do you see in the imccfgbakdm logfiles?