Jump to content

Jean M

  • Content Count

  • Joined

  • Last visited

  • Days Won


Jean M last won the day on November 7

Jean M had the most liked content!

Profile Information

  • Location
  1. Hi, I've a blacklisted URL for testing purposes in SMC Policy and it was applied in the computer as we can see from the image. This was working previously (correctly blocking access to the site even through a terminal curl command), however, now it is failing. Any idea why? Thanks
  2. I was looking for other ways of getting this information (knowing what commands were run by a certain user of SMC Console), do you have any suggestion? The audit provides runTask logs and change task logs, but no information on the command. Looking at specific computer details, we see a list of events but for the run task we can only see the most recent command assigned to the task. Thanks.
  3. From this guide: https://help.eset.com/esmc_install/70/en-US/migration_assistant.html?clean_installation_same_ip.html I don't see any reference to DB configuration, do we use the same login/db as the old server? I'm assuming no information is lost in the DB when we start using the new server? Thanks.
  4. I've two cases, which are similar. 1) Fallback mechanism (active-active), from your comment it's not possible, OK. 2) Say I want to make an update on the server OS and for that I'll make a new server and install ESET SMC in it. Is there a way to make the transition from the old server to the new server without loosing data? Temporary offline is OK. I just recently saw this seems to be documented in https://help.eset.com/esmc_install/70/en-US/migration_assistant.html?migration_same_version.html, I'll need to make a more detailed read first to see if I've any doubts. Thanks!
  5. Hi, Is it possible to have two ESET servers (exact same version) running using the same DB? Thanks, Jean M
  6. Just an additional word on this for other users information. When we create a peer certificate in ESET we specify the validity period dates (start, end) be aware that it will assume 00:00 hours and minutes of start date. This means that if we created the custom root CA that is provided on the same day (for example 2019-11-12 13:20), very probably ESET will fail because it is trying to sign a certificate whose validity starts before that of root CA (2019-11-12 00:00).
  7. OK.. makes sense now... thanks!
  8. Hi, I'm trying to create a peer certificate (in this case the Server certificate) but it is failing with the following message: Failed to create certificate: Creating and signing peer certificate failed. Check peer certificate validity, certification authority validity and their overlap.: Trace info: CreatePeerCertificate: Peer certificate validity is not fully covered by certification authority validity It looks like some validation between the CA I provide and the certificate SMC is generating for signature is failing some validation. Could someone help me understand what are the requirements of both to make this work? The only difference compared to a CA generated from SMC is the number of bits of the RSA key.. Thanks!
  9. The doc says: The second phrase confuses because I associated the versions in parenthesis like 8.x to ODBC driver instead of 5.3.11. Also, I was mislead by: odbcinst --version We get 5.3.1 but now I realise this is not related to MySQL ODBC driver, it is related to other lib...
  10. After more hours of debugging I was able to narrow the issue to be related to libmyodbc. I was using v5.3.13 and failed but when I tried with v5.1.13 it works.. https://dev.mysql.com/get/Downloads/Connector-ODBC/5.1/mysql-connector-odbc-5.1.13-1.el6.x86_64.rpm
  11. The way I see it is that something is broken in the user login. Before the first login the users table has Administrator with native=1, auto_logout_time_in_minutes=10, password_expiration_interval_in_days=1500. After resetting the password these parameters become 0. Also note that the error message seems to be related to a "Native User" (system? service account?) Glad I'm not the only one with this problem.
  12. I tried to install a local MySQL v5.6 in the same server of ESET SMC Server. What I see happening is that in the first login it says the user needs to change password. I change the password and I'm unable to login. This also happened in the original setup (MySQL v5.7). Is this the expected behavior, requesting for password change on first login?
  13. Sorry, forgot to mention, I tried in two different browsers. One of them is clean. Also tried in anonymous browser session.
  14. I can see a procedure execution in MySQL: Execute CALL usp_security_users_get_by_login('Administrator' ) Also, enabling trace logging in ESET SMC Server, I get more error messages related: 2019-11-06 12:20:47 Information: ConsoleApiModule [Thread 7f60b57d2700]: 1128 Login request received [UserName=Administrator] 4, Reported address: X.X.X.X :52472, Connection (webserver) address: ip-X-X-1-25.X.internal :52446 2019-11-06 12:20:47 Information: CServerSecurityModule [Thread 7f610502e700]: Authenticating user Administrator 2019-11-06 12:20:47 Information: CServerSecurityModule [Thread 7f610502e700]: Checking native user password 2019-11-06 12:20:47 Information: ConsoleApiModule [Thread 7f60b57d2700]: 1128 Login failed [UserName=Administrator] AuthenticateNativeUser: Native user login failed 2019-11-06 12:20:47 Information: ConsoleApiModule [Thread 7f60b57d2700]: 1128 Request handler asked to close connection. 2019-11-06 12:20:47 Error: CServerSecurityModule [Thread 7f610502e700]: AuthenticateNativeUser: Native user login failed Looking at the user table (tbl_security_users?) the password hash and salt change with the kb6849 procedure. My last resort is to verify this hash and salt against the password... Is there any other variable that would make the authentication fail? (like IP filtering, hostname...?) Also MySQL version is 5.7.26 and ODBC driver of version 5.3. The documentation says: MySQL database is supported up to version 5.7 and ODBC driver up to version 5.3.10. Upgrading to a higher version (5.3.11 or 8.x) of MySQL and ODBC driver is not recommended. Thanks!
  15. Ok I followed those steps previously from: https://support.eset.com/kb6849/?viewlocale=en_US However it still doesn't work. I was able to fix other GWT communication problem I was having, now I get in SMC Web page: "Invalid username or password". In the server the error remains. Is there any other log/debug/trace I could look into? Thanks
  • Create New...