06-17-2008 06:28 AM
I am troubleshooting DFM problem on a managed network device. I was told to issue the command, "dmctl -s DFM get Router::<ipaddr>". However, I got a message, "dmctl: Could not attach to 'DFM': Login to Domain Manager failed; permission denied." What credentails I can use to make this to work? Thank you in advance.
Solved! Go to Solution.
06-17-2008 08:42 AM
I mean, does it show up by hostname or IP? That is what you need to pass to dmctl.
06-17-2008 07:24 AM
Typically if dmctl prompts you for a username or password, it is admin/admin. However, the actual username and password can be found in NMSROOT/objects/smarts/conf/clientConnect.conf.
06-17-2008 07:31 AM
I did try admin/admin, but it didn't work. I didn't see the actual username and pasword in clientConnect.conf file. Please advise.
06-17-2008 07:37 AM
Without seeing your clientConnect.conf, I cannot comment. All I know is it will be in there.
06-17-2008 07:39 AM
#
#
# The first line indicates that field number 4, the password, should be
# encrypted. It must be the first line in the file. The lead character, '#',
# is an essential part of the directive. Once the file is encrypted, a
# second line starting with "#
# inserted into the file. It provides data for an integrity check. Do not
# delete or alter this line.
#
#
# clientConnect.conf
#
# Client outgoing authorization file
# This file defines the authentication credentials that clients will send
# to servers. Brokers do not use this file; see brokerConnect.conf.
#
# format:
# login user : target : InCharge user name : password
#
# The fields 'login user' and 'target' may be wildcard patterns.
#
# When a client other than a console wishes to connect to a server, it reads
# the lines in this file in the order written, searching for a line whose
# 'login user' matches the user running the client and whose 'target' matches
# the name of the server being connected to. Only the first matching line is
# used (but see the discussion of
#
# Once a line is located, its 'InCharge user name' and 'password' are sent
# to the target as credentials.
#
# Use '\' as an escape character.
#
# Comment lines start with # or //. Leading and trailing spaces are ignored
# in each field.
#
# Some fields may also contain special values:
# Field 'target' may contain
# specifies the Broker; ~
# Broker.
#
# Field 'InCharge user name' may contain
# which the current process is logged in is sent as the 'InCharge user name'.
#
# Fields 'InCharge user name' and 'password' may contain
# program is attached to a terminal, the system will prompt the user for
# the corresponding value. Lines containing a
# programs that are not attached to a terminal, even if they would otherwise
# be selected. (A later line matching the 'login user' and 'target' will be
# used.)
#
# Fields 'InCharge user name' and 'password' may contain
#
#
# Example:
# * :
# admin :InCharge :
# goodop :~
# * :~
##################### Program and User Access to Broker #####################
# By default, Brokers are operated in Nonsecure mode, using the well-known
# credentials BrokerNonsecure/Nonsecure. There is a line corresponding to
# this one in serverConnect.conf. This section must come before the "User
# Access" section to avoid prompting interactive users for the Broker password.
# If you use a secure Broker and wish to prompt interactive users, combine
# this section with the Program Access section below.
*:
##################### User Access #####################
# All interactive users get prompted. Note that because it comes first, and
# specifies the match-all '*' for both 'login user' and 'target', this line
# will always be selected for all interactive users, even if they would
# otherwise match a later line.
*:*:
##################### Program Access #####################
# NOTE: admin has full access. You should change the password! When you've
# done so, change the corresponding line in serverConnect.conf. This section
# must come after the "User Access" secion or it will be used for all
# connection attempts, including interactive ones.
#This is the line we care about
*:*:
06-17-2008 07:40 AM
I did try admin/admin again, this time I got the below message although it is the managed IP address.
dmctl -s DFM get Router::208.4.60.1
Server DFM User: admin
admin's Password: XXXXX
Router::208.4.60.1: No such object
06-17-2008 07:46 AM
Then this device (208.4.60.1) is not a router. Under what DCR device type category does it appear?
06-17-2008 07:51 AM
It appears as 7304 router. This is the managed IP address for this device.
06-17-2008 07:56 AM
How does this device appear in DFM?
06-17-2008 07:59 AM
Under "All Known Devices in Inventory Services".
06-17-2008 08:42 AM
I mean, does it show up by hostname or IP? That is what you need to pass to dmctl.
06-17-2008 08:44 AM
It shows up as hostname. It got output now. Thank you.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: