In the nnm.log logfile, what does the message "Authentication not available for user abc ...dropping trap" mean?

In the nnm.log logfile, what does the message "Authentication not available for user abc ...dropping trap" mean? 

Typically I get "Authentication failure" messages in the nnm.log logfile from devices that are misconfigured, however I don't know what the "Authentication not available" means.

The user listed is configured in NNMi communications section with the correct uid/pw and protocols and the settings match those configured on the Unity storage device.

Trapping was working from that device to NNMi prior to a hardware upgrade on the Unity device.

Any help is greatly appreciated.

Thanks

Stephen

  • Suggested Answer

    0  

    Hello Stephen,

    Looks like for whatever reason Trap parsing fails (assume SNMPv3 traps). You could try to capture problem traps with tcpdump, load in Wireshark, enter correct user credentials to see if Wireshark could parse the traps correctly. Then update credentials and may be V3 protocols in NNMi for user 'abc.

    Best regards,
    Sergey

  • 0 in reply to   

    If the credentials are wrong, I do get a message about invalid credentials. I have not been able to find anyone who can tell me what the "authentication is NOT AVAILABLE" message means.  Once I get that message, the uid/pw combination that I am trying to use never works again. All I ever get for that uid/combination is "Authentication not available" messages.  I have an open ticket at MicroFocus and they do not have an answer for me yet either. 

    Just hoping someone has seen that message before and knows something about it. 

    Cheers!

    Stephen  

  • 0   in reply to 

    "Authentication not available for user abc " is kind of a generic message. It might mean for example, engineID in cache does not match what a device sends. This could happen because there was a hardware change on the device. Try to run

    /opt/OV/support/nnmtwiddle.ovpl invoke com.hp.ov.nms.snmp:name="StagedSnmp Statistics" printV3EngineParameterCache | grep <deviceIP>

    where <deviceIP> is an IP address of the device. Check engineID and user name are correct. You can also try to clear SNMPv3 parameter cache with

    /opt/OV/support/nnmtwiddle.ovpl invoke com.hp.ov.nms.snmp:name="StagedSnmp Statistics" clearV3EngineParameterCache

    This will clear parameters for all devices, but the cache will be re-populated automatically. In rare cases NNMi is not capable to discover engineID (usually device problem). We can configure engineID by adding the line below to the file /var/opt/OV/shared/nnm/conf/props/nms-communication.properties

     com.hp.nnm.snmp.engineid.file=/var/opt/OV/shared/nnm/conf/node_engineIDs.txt

     Example of a configuration line in the file node_engineIDs.txt (IP,port,engineID)

     10.23.97.14,161, 80 00 06 34 03 00 50 56 a3 6a 3d

    Restart NNMI services.

    Best regards,
    Sergey

  • 0  

    Hi, 

    is user "abc" name correct in SNMP trap i.e. not garbled? Do you know if some other device is sending traps with user name "abc"? Are these traps dropped or accepted?
    If all traps with user abc are dripped - can you try to delete use from NNMI communicaiotn settings and recreate it.

    I managed to reproduce the same error / My NNMi server is runing SNMPv3 agent and is included in NNMI inventory i.e. discovered, so fired trap with users XYZ and abc directly from NNMi server CLI. Users abc and XYZ are not in my NNMi  communications settings. As a result  following records are seen in the log:

    2024-06-05 10:32:56.622 WARNING [com.hp.ov.nms.trapd.NMTrapData] (Thread-22 (group:HornetQ-client-global-threads-1290391199)) Failed to parse trap from /10.10.253.30: Authentication not available for user XYZ
    2024-06-05 10:32:56.622 WARNING [com.hp.ov.nms.trapd.MessageProcessor] (Thread-22 (group:HornetQ-client-global-threads-1290391199)) com.hp.ov.snmp.exceptions.AuthException: Trap parsing failed. Authentication not available for user XYZ. Dropping trap from /10.10.253.30.
    2024-06-05 10:32:56.622 WARNING [com.hp.ov.nms.trapd.NMTrapData] (Thread-22 (group:HornetQ-client-global-threads-1290391199)) Failed to parse trap from /10.10.253.30: Authentication not available for user abc
    . . . .

    Trap with existing user, bad password  is sent:
    024-06-05 10:32:56.622 WARNING [com.hp.ov.nms.trapd.MessageProcessor] (Thread-22 (group:HornetQ-client-global-threads-1290391199)) com.hp.ov.snmp.exceptions.AuthException: Trap parsing failed. Bad authentication code for user NetMgr, Engine id = 80 00 1F 88 80 C9 56 C0 03 FF 3E 1E 61 00 00 00 00. Dropping trap from /10.10.253.30.

    my 2 cents,
    Gedas

  • 0   in reply to   

    Hello Gedas,

    Thank you for the update. I thought you typed 'abc' user name as a fake one. If "abc" is exactly what you see in the message it means a device sends traps with the user 'abc' and the error makes sense. I would recommend contacting a network admin to check the configuration of a device. What is a vendor/model of the device? A quick search reveals it seems Huawei devices like to use abc## user names/groups but may be it is just a coincidence. And, no we did not see such specific user like 'abc' in the same messages yet.

    Best regards,

    Sergey