Smarts NCM: Authentication errors for Controldaemon user floods AS logs
search cancel

Smarts NCM: Authentication errors for Controldaemon user floods AS logs

book

Article ID: 330954

calendar_today

Updated On:

Products

VMware Smart Assurance

Issue/Introduction

Symptoms:


Following error messages noticed in Jboss.log and Powerup.log post changing ControlDaemon user password-

Powerup.log:

2017-05-22 13:45:44,675 DEBUG [com.powerup.configmgr.server.security.axis.handlers.AuthenticationHandler] (http-0.0.0.0-8881-1) Authenticating as user: controlDaemon
2017-05-22 13:45:44,679 DEBUG [com.powerup.configmgr.server.security.login.CompositeLoginModule] (http-0.0.0.0-8881-1) Check shared credentials exist
2017-05-22 13:45:44,679 DEBUG [com.powerup.configmgr.server.security.login.CompositeLoginModule] (http-0.0.0.0-8881-1) Performing authentication for user - controlDaemon
2017-05-22 13:45:44,679 ERROR [com.powerup.configmgr.server.security.login.CompositeLoginModule] (http-0.0.0.0-8881-1) Incorrect password for user - controlDaemon


Jboss.log:

2017-05-22 13:45:47,705 ERROR [org.jboss.ejb.plugins.SecurityInterceptor] (http-0.0.0.0-8881-1) Error in Security Interceptor
java.lang.SecurityException: Authentication exception, principal=controlDaemon


Environment

VMware Smart Assurance - NCM

Cause

The password has not been synchronized in all of the device servers connected to the application server.

Resolution

Steps to resolve the issue-

1) Change the Controldaemon password again by using "password-change.pl" script located under $VOYENCE_HOME/tools/ on AS. 

Ex:
[root@bngsmartsncm4 tools]# ./password-change.pl

a) The Password Update Utility will launch.
Enter option "C" (Change single password):
+========================================================+
| Password Update Utility                                |
+========================================================+
| Available Commands:                                    |
|     [A]uto-Generate All Passwords                      |
|     [C]hange Single Password                           |
|     [S]ychronize from App Server                       |
|     [Q]uit                                             |
+========================================================+
Command: c

b) In List of Users, enter option "2" for controlDaemon and the new password you want to use:
+========================================================+
| List of Users                                          |
+--------------------------------------------------------+
| 1. system                                              |
| 2. controlDaemon                                       |
| 3. int_mod_user                                        |
| 4. jmx-user                                            |
| 5. smc-user                                            |
| 6. database                                            |
+========================================================+
User (1-6): 2
New Password:
 
Note: You can give any password here that is desired, and this will reset the controlDaemon user password.

2) Run the command "password-change.pl -s" from $VOYENCE_HOME/tools/ across all the device servers connected to the application server. 
Note: If it's a combination setup, then step 2 need not be performed. 

3) Restart the services using the command "service vcmaster restart". 

The authentication error messages should not flood Jboss.log anymore post implementation of the above. 


Additional Information

Note: $VOYENCE_HOME is the base directory wherever NCM is installed. It can be verified by executing command "source /etc/voyence.conf" and then running "$VOYENCE_HOME" to know the directory where "smarts-ncm" is installed.