config Archive Mgmt failed LMS 3.2

Answered Question
Nov 30th, 2009


Archive mgmt failed for 14 devices and working fine for only 2 devices..The communicaion between the LMS and Switches is through SSH,but ssh also failed.


Correct Answer by Joe Clarke about 7 years 2 months ago

Look at frames 622 through 714.  You will see the login failure.  I'm guessing the other configs were archived using TFTP/SNMP.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Joe Clarke Mon, 11/30/2009 - 15:04

These errors point to incorrect credentials in DCR for these devices.  Go to Common Services > Device and Credentials > Device Management, and export the credentials for the affected devices.  Then, from the LMS server, verify that you can SSH to these devices, and login using the same credentials that are configured in DCR.  Verify you can get into enable mode using the same enable password which is configured in DCR.

lambay2000 Tue, 12/01/2009 - 10:54

Hi clarke,

I had verified the credentials,they are very correct,i have done the ssh from LMS itself from CM i did'nt receive any errors,.Still Archive mgmt fails.


Joe Clarke Tue, 12/01/2009 - 22:47

Then go ahead and open a TAC service request so additional debugging can be done.

lambay2000 Tue, 12/08/2009 - 04:21

Hi clarke,

Am getting syslogs that user authentication failed by LMS in my syslogs,i verified the device and credentials from CS the password and username are correct,I have configured wrong credentials somewhere,can u help me to remind once more that where are the possibilities where i have mistakenly configured wrong credentials. OR to make default settings and  reenter the primary and enable password settings.

I have been through workflow assitant server setup there it is showing me as in the attached.It is not allowing me to chnage the default credentials,How can i do it????????

Ur help will be appreciated.


Joe Clarke Tue, 12/08/2009 - 10:30

Default credential sets are only applied to devices when they are added to DCR.  Once they are in DCR, modifying the credential sets will not change the credentials for the devices.  Go to Common Services > Device and Credentials > Device Management, select all of the devices you wish to update, and click Edit Credentials.  Bypass the first screen, then make all of the required credential changes you want, and click Finish.

lambay2000 Sun, 12/13/2009 - 00:38

Hey clarke,

Sorry to reply late,i have edited standard credentials as same as it is for default credentials and it worked,but for 1 of of the switches am getting partially collected,the error is vlan config fetch failed,startup and running are success but vlan  config failing,

what could be the possible reason.


Joe Clarke Sun, 12/13/2009 - 11:14

In order for RME to fetch the vlan.dat from a device, it must be able to login to the device using either telnet or SSH, then perform the command:

copy flash:vlan.dat tftp:

The TFTP URL is the IP address of the RME server.  So, try logging into the device using the same credentials that are in DCR, then try to manually TFTP the vlan.dat file to the RME server.  This will probably fail.  You will then need to fix what is causing it to fail.  The most common cause is TFTP being blocked in the network.

lambay2000 Mon, 12/14/2009 - 11:37

Hey Clarke,

Hope you;re doing well,

i have tried from ur below instructions,i have attached logs from packet capture and the tftp permission denied error.

Am receiving an error permission denied while copying vlan.dat file from switch to tftp server (LMS Server) same error i can see in packet capture,Is it anywhere in LMS server i have to give permission for TFTP server.

I tried installing a different vendor TFTP server but the LMS TFTP is listening on this port.How can i disable the tftp port on LMS server and open for open vendor product such tftpd32.exe OR solarwinds tftp server.

LMS Server IP add and the switch IP add

Awaiting ur reply soon.

Joe Clarke Mon, 12/14/2009 - 13:28

Make sure the casusers group has full control over the NMSROOT/tftpboot directory.  When performing the copy manually, you must first create an empty file in the tftpboot directory (with full control to the casusers group) before you will be able to write to it.  When LMS does the copy, it will create this file automatically.

lambay2000 Mon, 12/14/2009 - 21:44

Hey Clarke,

Here are the attached print screen for the permission what i applied on tftp directory and vlan.dat file in tftp directory folder,still the same error,the copy of vlan.dat file on another PC is success the problem is with the LMS tftp permission.Though i have given the full control permission to casusers and also to local users & groups it is popping me with the below error.

%Error opening tftp:// (Permission denied).


Joe Clarke Mon, 12/14/2009 - 22:17

You have extensions hidden.  Your vlan.dat file is actually vlan.dat.txt.  Go to a DOS prompt, and rename the file to vlan.dat, and then test the manual copy.

lambay2000 Mon, 12/14/2009 - 23:14

Hi clarke,

I have changed the extension and it was success to manual copy from switch to LMS the vlan.dat file size increased from 0 kb to 1 kb ,BUT when i try to do sync archive from RME it is failing.

Thanks for immediate reponse.

Joe Clarke Mon, 12/14/2009 - 23:19

Start a new sniffer trace filtering on traffic between the device and the RME server, then perform a new Sync Archive job to that one device.  Post the capture file when it completes.

Joe Clarke Tue, 12/15/2009 - 08:55

You have the wrong credentials in DCR for this device.  RME is trying to login with the username cwlms and password LmsITA9002, and this is failing.  Fix the credentials in DCR, and RME should be able to fetch the vlan configuration.

lambay2000 Tue, 12/15/2009 - 10:45

Hi Clarke,

These are the correct credentials,this is  the username and password for LMS i have configured for each and every switch.


Joe Clarke Tue, 12/15/2009 - 10:47

The sniffer trace doesn't lie.  The device responds saying the credentials are incorrect.  Take a look for yourself.

lambay2000 Tue, 12/15/2009 - 11:50

Hello Joe,

Joe i cant see any username and password in sniffer trace can u tell where i have to see that,but joe if u say the credentials are incorrect then how the primary and running config are getting archived,It is a very strange but believe me the username and password are correct.


Correct Answer
Joe Clarke Tue, 12/15/2009 - 11:54

Look at frames 622 through 714.  You will see the login failure.  I'm guessing the other configs were archived using TFTP/SNMP.

lambay2000 Wed, 12/16/2009 - 04:32

Hi Clarke,

You are the real expert,solved the issue.It is fetching the vlan configs also.



This Discussion