Check_mk cannot login - invalid credentials - check-mk

I've installed omd 2.90-labs-edition. After creating new site I want to login to check_mk (1.2.8.p20) web interface, but the given credentials do not work, I've got "Invalid credentials". This credentials only work for thruk web interface.
Here's output for creating a new site:
Adding /omd/sites/test/tmp to /etc/fstab.
Creating temporary filesystem /omd/sites/test/tmp...OK
Apache port 5000 is in use. I've choosen 5001 instead.
Restarting Apache...OK
Created new site test with version 2.90-labs-edition.
The site can be started with omd start test.
The default web UI is available at https://servername/test/
The admin user for the web applications is omdadmin with password: password
(It can be changed with the 'set_admin_password' command as site user.)
Please do a su - test for administration of this site.
New site is started, but login page for https://server_address/test/check_mk/login.py only gives me "invalid credentials" after login to "omdadmin" user.
Can't find the reason why... no information in logs /omd/sites/test/var/log/apache/error_log
Unfortunately tip about changing initial credentials for omdadmin user from https://mathias-kettner.com/check_mk-werks.php?werk_id=7643&__hstc=14126696.95407ad675cb255879d5c9f0e7607474.1553259391987.1553519829997.1553598167959.3&__hssc=14126696.1.1553598167959&__hsfp=3878063914 doesn't work for me or I do something wrong...
How to login to check_mk webinterface? Any suggestions appreciated.

The solutions was to turn off thruk_cookie_auth (omd config -> Web GUI).

yes #gaspar,
It also worked for me with the following config param on
OMS labs 2.90 (Check_MK + pnp4nagios + Thruk + grafana + InfluxDB)
APACHE_MODE: ssl
APACHE_TCP_ADDR: 127.0.0.1
APACHE_TCP_PORT: 5000
AUTOSTART: on
CORE: nagios
CRONTAB: on
DATASCRYER: off
DEFAULT_GUI: check_mk
DOKUWIKI_AUTH: off
DOWNTIMEAPI: off
GEARMAND: on
GEARMAND_PORT: 127.0.0.1:4730
GEARMAN_NEB: on
GEARMAN_WORKER: on
GRAFANA: on
GRAFANA_TCP_PORT: 8003
INFLUXDB: on
INFLUXDB_HTTP_TCP_PORT: 127.0.0.1:8086
INFLUXDB_META_TCP_PORT: 8088
INFLUXDB_MODE: http
INFLUXDB_RETENTION: 104
LIVESTATUS_TCP: off
MKEVENTD: off
MOD_GEARMAN: on
MULTISITE_AUTHORISATION: on
MULTISITE_COOKIE_AUTH: off
MYSQL: off
NAGFLUX: on
NAGIOS_THEME: classicui
NAGVIS_URLS: check_mk
NSCA: off
PNP4NAGIOS: gearman
PROMETHEUS: off
SNMPTRAPD: off
THRUK_COOKIE_AUTH: off
TMPFS: on
WEB_ALIAS:
WEB_REDIRECT: off

Related

Self certificate in local network on IIS project ASP.NET Core - Not secure (net::ERR_CERT_COMMON_NAME_INVALID)

im tryng to make the https in my project in asp.net core (only in local network).
On cmd i have create a self certificate with this command line:
New-SelfSignedCertificate -Subject "CN=192.168.1.208" -FriendlyName "192.168.1.208" -DnsName "192.168.1.208" -NotAfter (Get-Date).AddMonths(36) -CertStoreLocation cert:\LocalMachine\My
On IIS i bind the port and the certificate like this:
Now if i go on chrome and i search https://192.168.1.208:7001 i have this:
I tried so many attempts, and now i dont know how to resolve this, can someone help me?

Issue in making Remote powershell connection from windows 7

I am trying to make persistant remote powershell connection from Windows7(32-bit) to exchange Server 2013,such that I can run some powershell commands from My windows7
machine as i am running it on server.
I am following steps from this article https://technet.microsoft.com/en-us/library/dd335083(v=exchg.150).aspx
I had already installed
.net Framework Version 4.5,
Windows Framework 4.0,
and windows already has SP1 installed.
Now, the issue is in running this command
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://ServerName.domain.com/PowerShell/ -Authentication Kerberos -Credential $UserCredential
Everytime it results into an error that is
New-PSSession : [ex13r.corp.local] Connecting to remote server ex13r.corp.local failed with the following error
message : WinRM cannot process the request. The following error with errorcode 0x80090311 occurred while using
Kerberos authentication: There are currently no logon servers available to service the logon request.
Possible causes are:
-The user name or password specified are invalid.
-Kerberos is used when no authentication method and no user name are specified.
-Kerberos accepts domain user names, but not local user names.
-The Service Principal Name (SPN) for the remote computer name and port does not exist.
-The client and remote computers are in different domains and there is no trust between the two domains.
After checking for the above issues, try the following:
-Check the Event Viewer for events related to authentication.
-Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or
use HTTPS transport.
Note that computers in the TrustedHosts list might not be authenticated.
-For more information about WinRM configuration, run the following command: winrm help config. For more
information, see the about_Remote_Troubleshooting Help topic.
At D:\path.ps1:1 char:10
+ $session=New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
gTransportException
+ FullyQualifiedErrorId : AuthenticationFailed,PSSessionOpenFailed
NOTE
Client machine(Windows7) is not connected to any domain
I added the server to the list of trustedHosts
Set-ExecutionPolicy to remotesigned
Winrm service is also running.
Windows firewall is turned off on both the systems.
My Powershell Configuration after framework 4.0 installation is as follows
Name Value
---- -----
PSVersion 4.0
WSManStackVersion 3.0
SerializationVersion 1.1.0.1
CLRVersion 4.0.30319.18408
BuildVersion 6.3.9600.16406
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0}
PSRemotingProtocolVersion 2.2
My efforts are going in no direction,the error remains the same.Any help would greatly be appreciated.
Thanks!

go-ethereum - geth - puppeth - ethstat remote server : docker: command not found

I'm trying to setup a private ethereum test network using Puppeth (as Péter Szilágyi demoed in Ethereum devcon three 2017). I'm running it on a macbook pro (macOS Sierra).
When I try to setup the ethstat network component I get an "docker configured incorrectly: bash: docker: command not found" error. I have docker running and I can use it fine in the terminal e.g. docker ps.
Here are the steps I took:
What would you like to do? (default = stats)
1. Show network stats
2. Manage existing genesis
3. Track new remote server
4. Deploy network components
> 4
What would you like to deploy? (recommended order)
1. Ethstats - Network monitoring tool
2. Bootnode - Entry point of the network
3. Sealer - Full node minting new blocks
4. Wallet - Browser wallet for quick sends (todo)
5. Faucet - Crypto faucet to give away funds
6. Dashboard - Website listing above web-services
> 1
Which server do you want to interact with?
1. Connect another server
> 1
Please enter remote server's address:
> localhost
DEBUG[11-15|22:46:49] Attempting to establish SSH connection server=localhost
WARN [11-15|22:46:49] Bad SSH key, falling back to passwords path=/Users/xxx/.ssh/id_rsa err="ssh: cannot decode encrypted private keys"
The authenticity of host 'localhost:22 ([::1]:22)' can't be established.
SSH key fingerprint is xxx [MD5]
Are you sure you want to continue connecting (yes/no)? yes
What's the login password for xxx at localhost:22? (won't be echoed)
>
DEBUG[11-15|22:47:11] Verifying if docker is available server=localhost
ERROR[11-15|22:47:11] Server not ready for puppeth err="docker configured incorrectly: bash: docker: command not found\n"
Here are my questions:
Is there any documentation / tutorial describing how to setup this remote server properly. Or just on puppeth in general?
Can I not use localhost as "remote server address"
Any ideas on why the docker command is not found (it is installed and running and I can use it ok in the terminal).
Here is what I did.
For the docker you have to use the docker-compose binary. You can find it here.
Furthermore, you have to be sure that an ssh server is running on your localhost and that keys have been generated.
I didn't find any documentations for puppeth whatsoever.
I think I found the root cause to this problem. The SSH daemon is compiled with a default path. If you ssh to a machine with a specific command (other than a shell), you get that default path. This does not include /usr/local/bin for example, where docker lives in my case.
I found the solution here: https://serverfault.com/a/585075:
edit /etc/ssh/sshd_config and make sure it contains PermitUserEnvironment yes (you need to edit this with sudo)
create a file ~/.ssh/environment with the path that you want, in my case:
PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
When you now run ssh localhost env you should see a PATH that matches whatever you put in ~/.ssh/environment.

ejabberd contribution mod_apns does not work

I have added mod_apns to my ejabberd server. You can find this module here.
my ejabberd.yml configuration is like this:
mod_apns:
address: "gateway.sandbox.push.apple.com"
port: 2195
certfile: "/Applications/ejabberd-15.10/conf/cert.pem"
keyfile: "/Applications/ejabberd-15.10/conf/key.pem"
password: "myPassword"
the address is sandbox since I am still in development phase. And I have tested my cert.pem and key.pem and they are valid and working.
I send my device token to ejabberd server like this:
<iq type="set" to="myEjabberdServer.com">
<register xmlns="https://apple.com/push">
<token>myDeviceTokenWithoutAnySpace</token>
</register>
</iq>
I can see my device token is saved in apns_users database.
But I still do not get notifications when my user is offline.
Am I doing anything wrong?
Does it work with gateway.sandbox.push.apple.com?
should my device token be without space and only characters?
I appreciate your help..
You have asked for an alternate approach. This alternate approach takes the process of triggering push notifications by the ejabberd server.
1. Use the mod_interact library. This will provide you an ability to transfer your messages to another url.
2. From there on you can use the direct HTTP call for push notifications

Hosting a keystonejs app with openshift

I keep getting a 503 but no errors in the log when trying to host my keystone.js app on openshift, has anyone successfully hosted a keystone app with them? Everything works fine on localhost.
I am using a fresh install of keystone.js with no blog or cloudinary.
Your providing very little information to give you a definitive answer. What options are you passing to keystone.init()? Are you using dotenv? If so, what are you setting there? Did you set any environment variables using rhc set-env?
I ask because a common (though not by far the only) culprit of 503 errors in Node.js applications on OpenShift is a port number overriding OpenShift's. Keystone looks at process.env.PORT before it looks at process.env.OPENSHIFT_INTERNAL_PORT. So, if you have PORT set on your .env or with rhc set-env it will take precedence over OPENSHIFT_INTERNAL_PORT.
I came across a similar question on the KeystoneJS Google Group. In that other case the developer had added a MONGODB cartridge to his app, but had not set the connection string for the cartridge in Keystone.
If this is your case as well you need to set the Keystone mongo option in Keystone.init() or using Keystone.set('mongo', 'connection_sring'). When you created the cartridge you got a url and some credentials. OpenShit passes these to your application in environment variables. You can build the mongo connection string as follows:
var connectionString = process.env.OPENSHIFT_MONGODB_DB_USERNAME + ":" + process.env.OPENSHIFT_MONGODB_DB_PASSWORD + "#" + process.env.OPENSHIFT_MONGODB_DB_HOST + '/' + process.env.OPENSHIFT_APP_NAME;
keystone.set('mongo', connectionString);
or
keystone.init({
...
mongo: connectionString,
...
});
Or you can use rhc set-env to set the MONGO environment variable as follows:
rhc set-env MONGO=http://{username}:{password}#{connection url}/{dbname} -a your_app_name
The connection url above is the one you got from OpenShift when you created the cartridge. If looks like a standard MONGODB url (e.g. mongodb://127.6.85.129:27017/).
These are just my best guesses, given that your question is a bit thin on details. You may want to post some more specifics so we can more accurately assess your problem.