UIM - mysql probe v1.54 authentication fails when monitoring latest MariaDB versions
Article ID: 213053
Updated On:
Products
Issue/Introduction
This technical article documents a probe design limitation with the mysql probe when monitoring the latest versions of MariaDB.
Problem Summary/Symptoms of issue:
- Mysql probe does not function with MariaDB 10.3.27.
- The authentication does not accept the old client libraries anymore.
- TCP, Socket and Pipe authentication methods are failing with the below errors:
Cause
Currently, the MySQL probe support 16 bytes of hashing but Maria DB 10.X supports by default 41-bytes of password hashing because of that mismatch in password hashing connection is failed.
As the 41-bytes password is not supported by the probe, to support a considerable amount of development and testing effort is required, an enhancement request has been raised.
Environment
- UIM 20.3.2
- Mysql probe version: 1.54
- MariaDb: 10.3.27
- OS: Linux (Debian 10.8)
Resolution
Workaround:
1. On MariaDB create a new user with the required permissions.
2. Query the MariaDB to locate the password HASH of the new user created in step 1.
Note: By default newer versions of Maria Db ONLY accept the password HASH.
3. Run the below query:
Note: Enter the password in the second line where ('<password>').
Example: ('[email protected]').
SET old_passwords=0;
SELECT PASSWORD('<password>');
CREATE USER 'monitoring'@'localhost' IDENTIFIED VIA mysql_native_password USING '*6D4982B8BC98ADB22B264BD90827BEA947CFB45F';
GRANT all privileges on *.* to 'monitoring'@'localhost';
4. Now configure the probe to use the new user and password using the TCP authentication method.
Note: The other authentication methods (e.g. SOCKET) still do not work with this workaround applied.
Attachments
Feedback
