Smarts IP/SAM: Users can not login after the 'serverConnect.conf' configuration file is modified to include the *:*:<SYS>:Monitor line
search cancel

Smarts IP/SAM: Users can not login after the 'serverConnect.conf' configuration file is modified to include the *:*:<SYS>:Monitor line

book

Article ID: 303862

calendar_today

Updated On:

Products

VMware Smart Assurance

Issue/Introduction

Symptoms:




Users cannot log in after the serverConnect.conf configuration file is modified to include the *:*:<SYS>:Monitor line used to provide monitor access to the Smarts server System users

Environment

VMware Smart Assurance - SMARTS

Cause

Because of the wildcards used in the *:*:<SYS>:Monitor entry, all incoming authentication requests will be matched against that entry and not the correct user entries lower down in the serverConnect.conf file.   If the incoming user ID does not exist on the host that is receiving the authentication request, the login request will fail.  If the user ID does exist but the user has "All" rights in his entry below, he will only receive Monitor rights because the request will match this entry.

Resolution

To resolve this issue, do one of the following:
  • Comment out the *:*:<SYS>:Monitor entry in the  serverConnect.conf configuration file (#*:*:<SYS>:Monitor). This file is found in the following location:

    <BASEDIR>/smarts/local/conf/serverConnect.conf

     
  • Move the *:*:<SYS>:Monitor entry below all of the unique user ID lines in the serverConnect.conf configuration file.

Either change will take effect immediately after you save the serverConnect.conf configuration file.