Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Troubleshoot DFM 2.0.10

I am troubleshooting DFM problem on a managed network device. I was told to issue the command, "dmctl -s DFM get Router::<ipaddr>". However, I got a message, "dmctl: Could not attach to 'DFM': Login to Domain Manager failed; permission denied." What credentails I can use to make this to work? Thank you in advance.

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Troubleshoot DFM 2.0.10

I mean, does it show up by hostname or IP? That is what you need to pass to dmctl.

11 REPLIES
Cisco Employee

Re: Troubleshoot DFM 2.0.10

Typically if dmctl prompts you for a username or password, it is admin/admin. However, the actual username and password can be found in NMSROOT/objects/smarts/conf/clientConnect.conf.

Community Member

Re: Troubleshoot DFM 2.0.10

I did try admin/admin, but it didn't work. I didn't see the actual username and pasword in clientConnect.conf file. Please advise.

Cisco Employee

Re: Troubleshoot DFM 2.0.10

Without seeing your clientConnect.conf, I cannot comment. All I know is it will be in there.

Community Member

Re: Troubleshoot DFM 2.0.10

#:1.0:4

#

# The first line indicates that field number 4, the password, should be

# encrypted. It must be the first line in the file. The lead character, '#',

# is an essential part of the directive. Once the file is encrypted, a

# second line starting with "# DO NOT ALTER " is

# inserted into the file. It provides data for an integrity check. Do not

# delete or alter this line.

#

#

# clientConnect.conf

#

# Client outgoing authorization file

# This file defines the authentication credentials that clients will send

# to servers. Brokers do not use this file; see brokerConnect.conf.

#

# format:

# login user : target : InCharge user name : password

#

# The fields 'login user' and 'target' may be wildcard patterns.

#

# When a client other than a console wishes to connect to a server, it reads

# the lines in this file in the order written, searching for a line whose

# 'login user' matches the user running the client and whose 'target' matches

# the name of the server being connected to. Only the first matching line is

# used (but see the discussion of below.)

#

# Once a line is located, its 'InCharge user name' and 'password' are sent

# to the target as credentials.

#

# Use '\' as an escape character.

#

# Comment lines start with # or //. Leading and trailing spaces are ignored

# in each field.

#

# Some fields may also contain special values:

# Field 'target' may contain or ~. The value

# specifies the Broker; ~ specifies all servers, but not the

# Broker.

#

# Field 'InCharge user name' may contain . The user name under

# which the current process is logged in is sent as the 'InCharge user name'.

#

# Fields 'InCharge user name' and 'password' may contain . If the

# program is attached to a terminal, the system will prompt the user for

# the corresponding value. Lines containing a are skipped by

# programs that are not attached to a terminal, even if they would otherwise

# be selected. (A later line matching the 'login user' and 'target' will be

# used.)

#

# Fields 'InCharge user name' and 'password' may contain .

# is used by the target to authenticate legacy clients.

#

# Example:

# * : : :

# admin :InCharge : :

# goodop :~: operator : doit

# * :~: :

##################### Program and User Access to Broker #####################

# By default, Brokers are operated in Nonsecure mode, using the well-known

# credentials BrokerNonsecure/Nonsecure. There is a line corresponding to

# this one in serverConnect.conf. This section must come before the "User

# Access" section to avoid prompting interactive users for the Broker password.

# If you use a secure Broker and wish to prompt interactive users, combine

# this section with the Program Access section below.

*::BrokerNonsecure:Nonsecure

##################### User Access #####################

# All interactive users get prompted. Note that because it comes first, and

# specifies the match-all '*' for both 'login user' and 'target', this line

# will always be selected for all interactive users, even if they would

# otherwise match a later line.

*:*::

##################### Program Access #####################

# NOTE: admin has full access. You should change the password! When you've

# done so, change the corresponding line in serverConnect.conf. This section

# must come after the "User Access" secion or it will be used for all

# connection attempts, including interactive ones.

#This is the line we care about

*:*::

Community Member

Re: Troubleshoot DFM 2.0.10

I did try admin/admin again, this time I got the below message although it is the managed IP address.

dmctl -s DFM get Router::208.4.60.1

Server DFM User: admin

admin's Password: XXXXX

Router::208.4.60.1: No such object

Cisco Employee

Re: Troubleshoot DFM 2.0.10

Then this device (208.4.60.1) is not a router. Under what DCR device type category does it appear?

Community Member

Re: Troubleshoot DFM 2.0.10

It appears as 7304 router. This is the managed IP address for this device.

Cisco Employee

Re: Troubleshoot DFM 2.0.10

How does this device appear in DFM?

Community Member

Re: Troubleshoot DFM 2.0.10

Under "All Known Devices in Inventory Services".

Cisco Employee

Re: Troubleshoot DFM 2.0.10

I mean, does it show up by hostname or IP? That is what you need to pass to dmctl.

Community Member

Re: Troubleshoot DFM 2.0.10

It shows up as hostname. It got output now. Thank you.

174
Views
0
Helpful
11
Replies
CreatePlease to create content