Jean M 7 Posted November 5, 2019 Share Posted November 5, 2019 Hi, I'm getting this error in SMC Server: 2019-11-05 17:54:01 Error: CServerSecurityModule [Thread 7fac737fe700]: AuthenticateNativeUser: Native user login failed And the SMC Web console: Login failed: Communication error Does anyone know how to fix this? Thanks! QuintinZA 1 Link to comment Share on other sites More sharing options...
ESET Staff MartinK 378 Posted November 5, 2019 ESET Staff Share Posted November 5, 2019 I would recommend to perform installation repair, which will reset password of "Administrator" account to new value if requested by specific installer parameter. In case it won't help, please try to use only basic characters/numbers in password or double check proper escaping of it, to be sure correct password is set and used for login. Also from login it seems that you are using standard ESMC account to log-in. In case domain login was supposed to be used, please use respective checkbox in login screen. Link to comment Share on other sites More sharing options...
Jean M 7 Posted November 5, 2019 Author Share Posted November 5, 2019 Ok I followed those steps previously from: https://support.eset.com/kb6849/?viewlocale=en_US However it still doesn't work. I was able to fix other GWT communication problem I was having, now I get in SMC Web page: "Invalid username or password". In the server the error remains. Is there any other log/debug/trace I could look into? Thanks Link to comment Share on other sites More sharing options...
ESET Staff MartinK 378 Posted November 6, 2019 ESET Staff Share Posted November 6, 2019 Could you possible check with different browser? Also what environment you are actually using - installation on Linux with MySQL database (beware that MariaDB is not supported). Could you double check you installed proper version of console and ESMC server? Both has to be from ESMC 7.0 bundle - but I guess this is not a problem in case it is clean installation without possible upgrade issues. Regarding other questions, there is no other log as it is sensitive. From provided logs it seems that password is indeed invalid, or user name is wrong. Are you using account "Administrator" with password you entered during installation? Link to comment Share on other sites More sharing options...
Jean M 7 Posted November 6, 2019 Author Share Posted November 6, 2019 (edited) I can see a procedure execution in MySQL: Execute CALL usp_security_users_get_by_login('Administrator' ) Also, enabling trace logging in ESET SMC Server, I get more error messages related: 2019-11-06 12:20:47 Information: ConsoleApiModule [Thread 7f60b57d2700]: 1128 Login request received [UserName=Administrator] 4, Reported address: X.X.X.X :52472, Connection (webserver) address: ip-X-X-1-25.X.internal :52446 2019-11-06 12:20:47 Information: CServerSecurityModule [Thread 7f610502e700]: Authenticating user Administrator 2019-11-06 12:20:47 Information: CServerSecurityModule [Thread 7f610502e700]: Checking native user password 2019-11-06 12:20:47 Information: ConsoleApiModule [Thread 7f60b57d2700]: 1128 Login failed [UserName=Administrator] AuthenticateNativeUser: Native user login failed 2019-11-06 12:20:47 Information: ConsoleApiModule [Thread 7f60b57d2700]: 1128 Request handler asked to close connection. 2019-11-06 12:20:47 Error: CServerSecurityModule [Thread 7f610502e700]: AuthenticateNativeUser: Native user login failed Looking at the user table (tbl_security_users?) the password hash and salt change with the kb6849 procedure. My last resort is to verify this hash and salt against the password... Is there any other variable that would make the authentication fail? (like IP filtering, hostname...?) Also MySQL version is 5.7.26 and ODBC driver of version 5.3. The documentation says: MySQL database is supported up to version 5.7 and ODBC driver up to version 5.3.10. Upgrading to a higher version (5.3.11 or 8.x) of MySQL and ODBC driver is not recommended. Thanks! Edited November 6, 2019 by Jean M Link to comment Share on other sites More sharing options...
ESET Staff MartinK 378 Posted November 6, 2019 ESET Staff Share Posted November 6, 2019 49 minutes ago, Jean M said: Looking at the user table (tbl_security_users?) the password hash and salt change with the kb6849 procedure. My last resort is to verify this hash and salt against the password... Is there any other variable that would make the authentication fail? (like IP filtering, hostname...?) There should be no other variables. IP address could possibly result in locked-out account, but logs indicates that password is wrong. My last idea based on history is that there are certain browser plugins or third-party applications that could interfere and send wrong password. Are you using any kind of password manager os similar tools / plugins? Is it possible to verify login from "clean"browser? Link to comment Share on other sites More sharing options...
Jean M 7 Posted November 6, 2019 Author Share Posted November 6, 2019 Sorry, forgot to mention, I tried in two different browsers. One of them is clean. Also tried in anonymous browser session. QuintinZA 1 Link to comment Share on other sites More sharing options...
Jean M 7 Posted November 6, 2019 Author Share Posted November 6, 2019 I tried to install a local MySQL v5.6 in the same server of ESET SMC Server. What I see happening is that in the first login it says the user needs to change password. I change the password and I'm unable to login. This also happened in the original setup (MySQL v5.7). Is this the expected behavior, requesting for password change on first login? QuintinZA 1 Link to comment Share on other sites More sharing options...
QuintinZA 0 Posted November 6, 2019 Share Posted November 6, 2019 I am seeing the exact same thing here today. Install Eset ERA server, install the web console. Open console for the first time, try and log in and it immediately prompts that the user password has expired. Reset the password, and trying to log in immediately responds with incorrect password. Logs say the same - 2019-11-06 18:34:02 Information: Kernel [Thread 7f7f515a3080]: Started module AuthenticationModule (used 2976 KB) 2019-11-06 18:34:02 Information: Kernel [Thread 7f7f515a3080]: Starting module CEncryptionModule 2019-11-06 18:34:02 Information: Kernel [Thread 7f7f515a3080]: Started module CEncryptionModule (used 0 KB) 2019-11-06 18:34:02 Information: Kernel [Thread 7f7f515a3080]: Used memory after modules start-up is 185696 KB 2019-11-06 19:17:16 Error: CServerSecurityModule [Thread 7f7f31ffb700]: AuthenticateNativeUser: User must change password 2019-11-06 19:17:38 Error: CServerSecurityModule [Thread 7f7f31ffb700]: AuthenticateNativeUser: Native user login failed 2019-11-06 19:17:49 Error: CServerSecurityModule [Thread 7f7f31ffb700]: AuthenticateNativeUser: Native user login failed 2019-11-06 19:18:18 Error: CServerSecurityModule [Thread 7f7f31ffb700]: AuthenticateNativeUser: Native user login failed I have tried re-installing and tried various versions of platform. This has failed with: Ubuntu 16.10 with Tomcat 7 and 9, and Openjdk 7, 8 and 9 Ubuntu 18.04 with Tomcat 8 and 9, and Openjdk 8 and 11. ^^ Both these installers are using the era.war from https://download.eset.com/com/eset/apps/business/era/webconsole/v7/latest/era.war and the era server from https://download.eset.com/com/eset/apps/business/era/server/linux/latest/server-linux-x86_64.sh Curiously last week during testing I was able to get a working install on an Ubuntu 19.10 install with the latest versions of openjdk and tomcat and was able to work and test the environment. I rolled back server versions and environment to be as close to the officially supported versions of software for our production ERA install and now I have been stuck with variations of this issue for most of yesterday and today. Link to comment Share on other sites More sharing options...
Jean M 7 Posted November 7, 2019 Author Share Posted November 7, 2019 (edited) The way I see it is that something is broken in the user login. Before the first login the users table has Administrator with native=1, auto_logout_time_in_minutes=10, password_expiration_interval_in_days=1500. After resetting the password these parameters become 0. Also note that the error message seems to be related to a "Native User" (system? service account?) Glad I'm not the only one with this problem. Edited November 7, 2019 by Jean M QuintinZA 1 Link to comment Share on other sites More sharing options...
Jean M 7 Posted November 7, 2019 Author Share Posted November 7, 2019 After more hours of debugging I was able to narrow the issue to be related to libmyodbc. I was using v5.3.13 and failed but when I tried with v5.1.13 it works.. https://dev.mysql.com/get/Downloads/Connector-ODBC/5.1/mysql-connector-odbc-5.1.13-1.el6.x86_64.rpm QuintinZA 1 Link to comment Share on other sites More sharing options...
QuintinZA 0 Posted November 7, 2019 Share Posted November 7, 2019 6 minutes ago, Jean M said: After more hours of debugging I was able to narrow the issue to be related to libmyodbc. I was using v5.3.13 and failed but when I tried with v5.1.13 it works.. https://dev.mysql.com/get/Downloads/Connector-ODBC/5.1/mysql-connector-odbc-5.1.13-1.el6.x86_64.rpm I'll test with the tarball now and report back. Link to comment Share on other sites More sharing options...
QuintinZA 0 Posted November 7, 2019 Share Posted November 7, 2019 56 minutes ago, Jean M said: After more hours of debugging I was able to narrow the issue to be related to libmyodbc. I was using v5.3.13 and failed but when I tried with v5.1.13 it works.. https://dev.mysql.com/get/Downloads/Connector-ODBC/5.1/mysql-connector-odbc-5.1.13-1.el6.x86_64.rpm Right, I downgraded the ODBC driver and now the install works I was able to log in successfully. My tarball came from here: https://dev.mysql.com/downloads/connector/odbc/5.1.html I really appreciate your help with this! Link to comment Share on other sites More sharing options...
ESET Staff MartinK 378 Posted November 7, 2019 ESET Staff Share Posted November 7, 2019 1 hour ago, Jean M said: After more hours of debugging I was able to narrow the issue to be related to libmyodbc. I was using v5.3.13 and failed but when I tried with v5.1.13 it works.. https://dev.mysql.com/get/Downloads/Connector-ODBC/5.1/mysql-connector-odbc-5.1.13-1.el6.x86_64.rpm Just to clarify: have you used MySQL ODBC driver 5.3.13 for whole time? Asking because you cited our documentation that explicitly mentions that ESMC won't work with driver newer than 5.3.10. Versions released later introduced significant changes and issues that affected ESMC stability, it was actually mostly crashing, so I am surprised even data "corruption" is possible, which might be even worse. Link to comment Share on other sites More sharing options...
Jean M 7 Posted November 7, 2019 Author Share Posted November 7, 2019 The doc says: Quote MySQL database is supported up to version 5.7 and ODBC driver up to version 5.3.10. Upgrading to a higher version (5.3.11 or 8.x) of MySQL and ODBC driver is not recommended. The second phrase confuses because I associated the versions in parenthesis like 8.x to ODBC driver instead of 5.3.11. Also, I was mislead by: odbcinst --version We get 5.3.1 but now I realise this is not related to MySQL ODBC driver, it is related to other lib... Link to comment Share on other sites More sharing options...
Recommended Posts