Smarts IP/SAM: Users can not login after the 'serverConnect.conf' configuration file is modified to include the *:*:<SYS>:Monitor line
book
Article ID: 303862
calendar_today
Updated On:
Products
VMware Smart Assurance
Issue/Introduction
Symptoms:
Users cannot log in after the serverConnect.conf configuration file is modified to include the *:*:<SYS>:Monitor line used to provide monitor access to the Smarts server System users
Environment
VMware Smart Assurance - SMARTS
Cause
Because of the wildcards used in the *:*:<SYS>:Monitor entry, all incoming authentication requests will be matched against that entry and not the correct user entries lower down in the serverConnect.conf file. If the incoming user ID does not exist on the host that is receiving the authentication request, the login request will fail. If the user ID does exist but the user has "All" rights in his entry below, he will only receive Monitor rights because the request will match this entry.
Resolution
To resolve this issue, do one of the following:
Comment out the *:*:<SYS>:Monitor entry in the serverConnect.conf configuration file (#*:*:<SYS>:Monitor). This file is found in the following location:
<BASEDIR>/smarts/local/conf/serverConnect.conf
Move the *:*:<SYS>:Monitor entry below all of the unique user ID lines in the serverConnect.conf configuration file.
Either change will take effect immediately after you save the serverConnect.conf configuration file.