• State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 25 subscribers
  • Views 827 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Solarwinds-Multiple logins to network nodes

jvarghese

Solarwinds is causing a multiple authentication request to our network nodes for last few days. After we shut down solarwinds, there are no authentication request comign to my tacacs server. After I bring it up, 1000's of authentication request.

Story : We login to our routers using our domain credential. Router uses tacacs server to authenticate the user after which user can login. Our solarwinds NCM is configured to use my domain credential (as a connection profile) to login and download the configs. Recently, my domain credentials were changed in our DC and hence solarwinds could not login to routers using my saved credential (connection profile in NCM). However I've updated the connection profile with the new credential. Infact as a good solution, I used another account so that solarwinds does not depend on my domain cred any longer. Long story short, same connection profile with updated credentials. The connection profile works and can download configs. However solarwinds seems to still login to routers (1000's of requests) with the same old credentials which is causing my domain account to lock causing me to unlock it everytime.

What could be causing this? Any old processes that is running behind?

Need help asap as my domain account is locking me out every 5 mins.

When I shut down solarwinds, my domain account is ALIVE until I solarwinds is back up.

  • 0

    So it sounds like it's happening basically right away when you turn on Orion?  That tells me its probably not part of the connection profiles in NCM because those are only used with the jobs run, normally once a day.  Other places you might have entered your creds would be the ASA or Nexus credential field under the edit nodes screen (theres no central place to manage this), depending on what other modules you have you could also have them entered in a few other places.  Probably your best bet is just to get on the phone with support and have them dig through your system looking for any places that your creds exist, there are LOTS of them and it would be hard to describe over the forum.

  • 0 in reply to mesverrum

    Hi, Thanks for the reply. We only have 4 ASA's in our netowork and none of them were using the credentials for that specific feature.

    I have got this resolved. I had to edit each node (105 nodes) and change the connection profile to use a new one. This fixed it. Solarwinds was no longer sending authentication request to routers to login.

  • 0 in reply to mesverrum

    I have evend tried one node at a time, and auth request were still coming in. The issue resolved after I deleted the connection profile itself. So , I had to update each node with new conn profile as I can't delete a USED conn profile. This sounds like a application related issue

  • 0 in reply to mesverrum

    You put your finger squarely on a sore spot for me--the fact that SW doesn't allow a person to globally change that CLI credential for multiple devices or device types.  Probably just as bad:  one must manually enter in the credentials separately for each device that will use them.

    I've submitted a Feature Request to let a person select CLI name and password from a drop-down, but that's only a tiny start at fixing a serious inconvenience.  One ought to be able to:

    • Admin > Node Management > Manage Nodes
      • Group by machine type or vendor, etc.
      • Select all the sorted nodes in a group
      • Select the CLI login name and password
      • Apply to all of the selected Nodes

    • Use logic to filter nodes by defined criteria and automatically apply the CLI credentials to them all via a dropdown for name and password.  An example of this might be if you included "CFW" in the names of all your Cisco Firewalls.  You'd use the logic to select "Node Name (or system name, or caption) contains 'CFW'"  and apply CLI login credentials to all of those devices.

    pastedImage_2.png

    This should also apply to ACI login credentials:

    pastedImage_1.png

  • 0 in reply to rschroeder

    Hopefully they consider the request. Would have saved 1 hour of my time.

  • 0 in reply to rschroeder

    Vote here if this request might help you or your peers in any way:

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.