06-17-2008 06:28 AM
I am troubleshooting DFM problem on a managed network device. I was told to issue the command, "dmctl -s DFM get Router::<ipaddr>". However, I got a message, "dmctl: Could not attach to 'DFM': Login to Domain Manager failed; permission denied." What credentails I can use to make this to work? Thank you in advance.
Solved! Go to Solution.
06-17-2008 08:42 AM
I mean, does it show up by hostname or IP? That is what you need to pass to dmctl.
06-17-2008 07:24 AM
Typically if dmctl prompts you for a username or password, it is admin/admin. However, the actual username and password can be found in NMSROOT/objects/smarts/conf/clientConnect.conf.
06-17-2008 07:31 AM
I did try admin/admin, but it didn't work. I didn't see the actual username and pasword in clientConnect.conf file. Please advise.
06-17-2008 07:37 AM
Without seeing your clientConnect.conf, I cannot comment. All I know is it will be in there.
06-17-2008 07:39 AM
#
#
# The first line indicates that field number 4, the password, should be
# encrypted. It must be the first line in the file. The lead character, '#',
# is an essential part of the directive. Once the file is encrypted, a
# second line starting with "#
# inserted into the file. It provides data for an integrity check. Do not
# delete or alter this line.
#
#
# clientConnect.conf
#
# Client outgoing authorization file
# This file defines the authentication credentials that clients will send
# to servers. Brokers do not use this file; see brokerConnect.conf.
#
# format:
# login user : target : InCharge user name : password
#
# The fields 'login user' and 'target' may be wildcard patterns.
#
# When a client other than a console wishes to connect to a server, it reads
# the lines in this file in the order written, searching for a line whose
# 'login user' matches the user running the client and whose 'target' matches
# the name of the server being connected to. Only the first matching line is
# used (but see the discussion of
#
# Once a line is located, its 'InCharge user name' and 'password' are sent
# to the target as credentials.
#
# Use '\' as an escape character.
#
# Comment lines start with # or //. Leading and trailing spaces are ignored
# in each field.
#
# Some fields may also contain special values:
# Field 'target' may contain
# specifies the Broker; ~
# Broker.
#
# Field 'InCharge user name' may contain
# which the current process is logged in is sent as the 'InCharge user name'.
#
# Fields 'InCharge user name' and 'password' may contain
# program is attached to a terminal, the system will prompt the user for
# the corresponding value. Lines containing a
# programs that are not attached to a terminal, even if they would otherwise
# be selected. (A later line matching the 'login user' and 'target' will be
# used.)
#
# Fields 'InCharge user name' and 'password' may contain
#
#
# Example:
# * :
# admin :InCharge :
# goodop :~
# * :~
##################### Program and User Access to Broker #####################
# By default, Brokers are operated in Nonsecure mode, using the well-known
# credentials BrokerNonsecure/Nonsecure. There is a line corresponding to
# this one in serverConnect.conf. This section must come before the "User
# Access" section to avoid prompting interactive users for the Broker password.
# If you use a secure Broker and wish to prompt interactive users, combine
# this section with the Program Access section below.
*:
##################### User Access #####################
# All interactive users get prompted. Note that because it comes first, and
# specifies the match-all '*' for both 'login user' and 'target', this line
# will always be selected for all interactive users, even if they would
# otherwise match a later line.
*:*:
##################### Program Access #####################
# NOTE: admin has full access. You should change the password! When you've
# done so, change the corresponding line in serverConnect.conf. This section
# must come after the "User Access" secion or it will be used for all
# connection attempts, including interactive ones.
#This is the line we care about
*:*:
06-17-2008 07:40 AM
I did try admin/admin again, this time I got the below message although it is the managed IP address.
dmctl -s DFM get Router::208.4.60.1
Server DFM User: admin
admin's Password: XXXXX
Router::208.4.60.1: No such object
06-17-2008 07:46 AM
Then this device (208.4.60.1) is not a router. Under what DCR device type category does it appear?
06-17-2008 07:51 AM
It appears as 7304 router. This is the managed IP address for this device.
06-17-2008 07:56 AM
How does this device appear in DFM?
06-17-2008 07:59 AM
Under "All Known Devices in Inventory Services".
06-17-2008 08:42 AM
I mean, does it show up by hostname or IP? That is what you need to pass to dmctl.
06-17-2008 08:44 AM
It shows up as hostname. It got output now. Thank you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide