Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1090
Views
0
Helpful
2
Replies

Unable to log into console with local auth after 3.1(2e) upgrade

Brad_80
Level 1
Level 1

‎02-16-2017 10:42 AM - edited ‎03-01-2019 01:04 PM

I have 2 environments that were recently upgraded to 3.1(2e). After upgrading, I've found that logging into the CLI with local accounts is failing. It is also failing if I have the console auth set to local, and pass along my auth domain to log in via LDAP credentials, eg. using ucs-<authdomain>\<username>. The only way I can log into the CLI is if I change the native authentication to LDAP and log in with an AD account. My other environments that are running 3.1(2b) still work normally. Is this a known issue in 3.1(2e)? I'm not seeing it in the open caveats of the 3.1(2e) release notes nor am I finding anything in the bug tracker. It's not a significant issue for us so I haven't bothered to engage TAC yet...just wondering if others are seeing this issue as well.

0 Helpful
2 Replies 2

Wes Austin
Cisco Employee
Cisco Employee

‎02-16-2017 10:51 AM

Hey Brad,

I would enable some ldap debugging and see what is happening when the login fails and subsequently when the login is successful and compare the outputs.

http://www.cisco.com/c/en/us/support/docs/servers-unified-computing/ucs-infrastructure-ucs-manager-software/200092-UCSM-LDAP-Troubleshooting-guide.html

I cant think of any bugs off the top of my head, but if LDAP is native, you usually need to select the "local" dropdown when you login to use non-LDAP "admin" account.

HTH,

Wes

0 Helpful

Brad_80
Level 1
Level 1
In response to Wes Austin

‎02-16-2017 05:28 PM

Hey Wesley,

Thanks for your reply. Just to clarify, this is more an issue with logging into the CLI with local accounts than an LDAP issue from what I am seeing. I have created multiple local accounts and am unable to log in via SSH using any of them. This is the case whether native authentication for the console is set to Local or when set to LDAP and using "ucs-Local\<username>" to log in.

There is a problem with logging in with LDAP credentials when native authentication for console sessions is set to Local, but I suspect that to be an artifact of the overall local login issue I'm seeing. I can log into the GUI with LDAP credentials, and I can log into the CLI with LDAP creds if I set native auth to LDAP. I'll do some digging and see what debug I might be able to turn up to get more insight into where this is failing.

Thanks,

Brad

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Review Cisco Networking products for a $25 gift card