10-18-2021 01:26 AM
I'm getting "undefined" credential when I try to configure ACI application. When I run quick discovery against the IP address to confirm if it's access related issue, it is not.
Below are the steps I took:
When I tried to click Cisco ACI Discovery and check the Application log:
<parameters> <parameter name="skip_sensor" value="true"/> <parameter name="probe_name" value="CiscoACIDiscoveryRun"/> <parameter name="glide.jms.url" value="10.10.10.10"/> <parameter name="glide.jms.auth_type" value="External"/> <parameter name="glide.jms.monitor_id" value="88b99b811bdfb810bb2343fccc4bcbd1"/> <parameter name="glide.jms.enable_proxy" value="false"/> <parameter name="glide.jms.credential" value="undefined"/> <parameter name="glide.jms.ipset_sysid" value="7ee89fb01b8bf8d0bb3143fddd4dedec7"/>
</parameters> <results error="TypeError: Cannot convert null to an object." probe_time="23" result_code="900000"><result/><parameters><parameter name="agent" value="mid.server.midserver1"/><parameter name="source" value=""/><parameter name="skip_sensor" value="true"/><parameter name="sys_id" value="7ee89fb01b8bf8d0bb3143fddd4dedec7"/><parameter name="from_host" value=""/> <parameter name="glide.jms.url" value="10.10.10.10"/><parameter name="sys_created_on" value="2021-10-18 07:20:59"/><parameter name="sys_domain" value="global"/><paramete r name="state" value="ready"/><parameter name="glide.jms.auth_type" value="External"/> <parameter name="probe_name" value="CiscoACIDiscoveryRun"/><parameter name="response_to" value=""/><parameter name="glide.jms.ipset_sysid" value="7ee89fb01b8bf8d0bb3143fddd4dedec7"/><parameter name="from_sys_id" value=""/> <parameter name="priority" value="2"/><parameter name="agent_correlator" value=""/> <parameter name="glide.jms.credential" value="undefined"/><parameter name="glide.jms.enable_proxy" value="false"/><parameter name="processed" value=""/> <parameter name="error_string" value=""/><parameter name="sequence" value="17c924666ca0000001"/><parameter name="glide.jms.monitor_id" value="7ee89fb01b8bf8d0bb3143fddd4dedec7"/><parameter name="name" value="CiscoACIDiscovery"/><parameter name="topic" value="JavascriptProbe"/><parameter name="queue" value="output"/><parameter name="ecc_queue" value="80b99b811bdfb810bb3143fccc4bcbc3"/></parameters></results>
I've tried to change the Authentication Type to "Local" and after entering the username and password, I'm getting "Error while generating token from APIC.
Anyone else having the same issue? How did you resolve it? Appreciate your inputs Thanks!
Cheers,
Sheryn
10-19-2021 06:55 AM
Hi Sheryn,
This could be an issue with special characters not being accepted by the Service Now application on ACI. Can you test with a simple (no special characters) password? Also include the version of SNOW app you're using.
Some additional items to check/verify:
1. Check the MID server user has below mentioned roles:
**Restart the MID server after assigning roles to MID Server user.
2. Ensure the MID server is validated. How to validate the MID Server
3. Check the Connectivity between MID server & APIC:
curl --location --request GET "https://<<APIC_IP/>>"
4. Test the credentials assigned in the ServiceNow configuration by logging into an APIC with them.
5. If you are using the remote authentication and have login domain in APIC, then create a record by following below steps:
6. Enable the debug logs for MID Server by following below steps:
Robert
10-20-2021 08:00 PM - edited 10-20-2021 08:47 PM
Thanks, Robert! Much appreciated! I've posted anywhere and you're the only one that replied
We're on Quebec version.
I've tried all the steps above and made sure the credentials don't have special characters. We used the Authentication Type "External credential" and from the External credential tab, we selected the credential we created in Discovery > Credential. See below:
If we choose Authentication Type "Local", is the account needs to be created in APIC by our Cisco Team? If so, can you guide me how to create one, what type of permissions to provide, and how we can give it access to our mid server? I tried finding instructions online and provided it to our Cisco Team and it doesn't seem be the right one.
I look forward to hearing from you soon!
Thanks!
Sheryn
10-21-2021 05:20 AM
Sheryn,
Did you install the Orchestration Plugin in ServiceNow?
I'm assuming you followed this guide > https://store.servicenow.com/appStoreAttachments.do?sys_id=dbfb1a10db7f9c50a2a4f5471d961921
Also have you installed the ACI-side App? The team that managed ACI will need to do this for you. https://store.servicenow.com/sn_appstore_store.do#!/store/application/56fe817b0f4caa003ac788cce1050e4d/1.7.0
Robert
10-24-2021 10:29 PM
Hi Robert,
I have installed both Cisco ACI Application and Cisco ACI Orchestration and followed the installation guide.
I don't know what else to check as I have verified everything and followed the steps you suggested in your first comment. Our last option is to have our Cisco Team create an APIC local user and provide the information to us so I could use the Authentication Type "Local" when configuring ACI.
Thanks,
Sheryn
08-07-2023 12:53 PM
I ran into the same issue as the OP here. The problem in our case was that we were using a self-signed certificate on the APIC. The fix is either to use a trusted cert on the APIC or follow this guide to create an exception for the APIC:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide