01-07-2021 08:49 AM
Hello,
I am having trouble getting access to the CLI of the leaf and spine switches of my ACI fabric. I know you can perform show commands via the apic fabric command set but I am looking to execute the contract_parser.py script on the leafs to troubleshoot contracts and check out the viability of the tool that is supposedly included in the ACI image 3.2+ . Any login that I used I recieve a permission denied in the event log. APIC locally configured users and LDAP users aren't working. Any ideas or tips on how to tshoot?
(Source for contract_parser info: https://github.com/agccie/aci-contract-parser)
Solved! Go to Solution.
01-12-2021 12:56 PM
01-07-2021 10:10 AM
Hi,
Can you login to your apic via ssh and once you logged in, can you perform <<show switch>> and try to perform the following command <<attach leafname>> ?
Also verify if ssh is enabled as mgmt access through the gui -> Fabric > Fabric Policies > Policies > Pod > Management Access ?
cheers
Alexander
01-07-2021 10:26 AM
Thanks for the reply. The command executes and SSH command to the leaf but it still has a login prompt which none of my login credentials work for. SSH is enabled in the management access in fabric policies.
Could this have something to do with the leafs OOB/INB mgmt connectivty for LDAP auth (my current primary auth method) or something?
01-07-2021 10:38 AM
You can specify the domain during ssh << ssh -l apic#fallback\\admin 10.10.10.1 >>, this will use local authentication.
cheers
01-11-2021 09:34 AM
01-11-2021 11:35 PM
01-12-2021 12:56 PM
01-12-2021 11:16 PM
Even though you should always be able to login with the <<ssh -l apic#fallback\\admin >> command if the leafs have been provisioned correctly or through the gui with username << apic:fallback\\admin >>.
But glad you have sorted it out!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide