cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
836
Views
0
Helpful
1
Replies

DNA Local Accounts No Longer Working After MAGLEV Password Reset

AntDPre
Level 1
Level 1

Hello Community,

 I had to mount the Ubuntu Desktop image via the CIMC vKVM to do a Maglev password reset. This is all I did. Nothing else. After resetting the Maglev password and warm restarting the system I am no longer able to log into the DNA Center Web UI with any of my local accounts. Everything was working fine previously. I have cleared my browser cache, used a different browser, attempted to SSH into DNA via Maglev and Powershell using the credentials for my local accounts but nothing is working. I am getting the "Invalid Login Credentials" error when trying to log in via the Web UI or Maglev and "Permission denied. Please try again." when SSHing via Powershell. I know the credentials are correct.

sudo maglev-config certs info shows me that my certificates are valid. 

magctl rbac external_auth_fallback display shows me "false" which tells me that it its not an issue with AAA services not falling back to local accounts for authentication. 

I am at a loss. As I said, all I did was mount the Ubuntu Desktop image, change the Maglev password, and then warm reset the system. 

Does anyone have any suggestions as to what may be causing this issue? I was just about to finish deploying the device for a production environment and now I am stuck. 

Any help would be greatly appreciated. 

1 Accepted Solution

Accepted Solutions

AntDPre
Level 1
Level 1

Okay so I still do not know what caused the issue but here is the solution:
using the Maglev shell, check to see if external authentication fallback is enabled: 

magctl rbac external_auth_fallback display

{
"response": {
"enabled": false
}
}

If enabled = false , enable with:

magctl rbac external_auth_fallback enable

This allowed me to be able to log in via the Web UI. 

 

View solution in original post

1 Reply 1

AntDPre
Level 1
Level 1

Okay so I still do not know what caused the issue but here is the solution:
using the Maglev shell, check to see if external authentication fallback is enabled: 

magctl rbac external_auth_fallback display

{
"response": {
"enabled": false
}
}

If enabled = false , enable with:

magctl rbac external_auth_fallback enable

This allowed me to be able to log in via the Web UI. 

 

Review Cisco Networking for a $25 gift card