[8.065][BUG][OPEN] Issue with ACC Shared Secret

Just noticed this (it also happens in 8.002 and 8.003, but not in 7.507): When accessing an Astaro that is already connected to your ACC using Authentication via the Shared SecretIf you open up the Astaro Command Center Tab, and uncheck one of the feature areas (Administration, Reporting, Monitoring, Configuration) and click apply, the password field is somehow blanked or modified; the unit loses connection to ACC because of a bad password. Manually re-entering the password and clicking apply restores the connection.

Just clicking a checkbox or two in there, or just clicking apply, shouldn't result in the password being invalidated. This is not an issue in 7.507.

Parents

0 Astaro Beta Bot over 14 years ago

Astaro Beta Report
--------------------------------
Version: 8.065
Type: BUG
State: ACKNOWLEDGED/OPEN
Reporter: BrucekConvergent+
Contributor: 
MantisID: 15717
Target version: 
Fixed in version: 
--------------------------------

0 rleibl over 14 years ago in reply to Astaro Beta Bot
Hi Bruce

I cannot reproduce this. Here is what I do in case I didn't make it right:

Go to Management -> Central Management
Enter an 'ACC Host'
Check 'Authentication'
Enter a password
Click 'Apply'
------ The agent is now running ---------
Uncheck 'Administration' (e.g.)
Click 'Apply'
If I understand correctly, the field containing the authentication
passwords should now be greyed out. But that does not happen with my
installation.

Can you please confirm that those are the steps you took, and that the problem
still exists.

cheers
robert
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 BrucekConvergent over 14 years ago in reply to rleibl

I guess the difference would be that I didn't do it in the same browser session as I used when I originally setup ACC access... it sounds like you tested it all at once. All I know is that I was going through a bunch of ASG units we manage (mostly 7.507 units) and all of the ones that were running 8.*** (including a test unit running 8.065) lost communications with the ACC after changing that setting... the setting I was changing, in particlular, was the reporting checkbox. I found that they were failing due to an incorrect Secret, so i reset that manually, and things started working again. Playing around with it, I found that checking / unchecking that box messed up the credentials. I'll test this again once our test unit is back up (on 8.070).

Oh, and the password fields don't gray out; i think the content (in the gui) is blanked under the anonymizer dots... it looks like something is in there at the time, but, in reality, I think it gets blanked during the checkbox changing process... remember, i am doing this to a unit that has been running for some time, I don't think this is an issue during initial configuration, it's going back, after the fact, and changing the checkbox that caused the problem.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 BrucekConvergent over 14 years ago in reply to BrucekConvergent

Absolutely Confirmed on 8.070 as described above, with both Firefox and IE 8.. started a fresh IE (or Firefox) session, logged onto ASG already connected ACC, checked or unchecked a box (I used the Reporting Checkbox), clicked Apply, and shortly thereafter, the status window at the bottom showed bad password. Re-Enter ACC secret, hit apply again, all better.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 kbr over 14 years ago in reply to BrucekConvergent

Do you have your browsers configured in a way that they automatically fill out forms?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 kbr over 14 years ago in reply to BrucekConvergent

Do you have your browsers configured in a way that they automatically fill out forms?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 BrucekConvergent over 14 years ago in reply to kbr

Form Autocompletion is turned off... I've been able to confirm this from different workstations and on several different 8.*** ASG units.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel