Connecting servers after credential change
-
Good day. As part of our security plan I periodically change the access credentials on all of our servers, including the ones hosting XO and our VM environments. A few days ago I changed the root passwords on our XCP-ng servers, and since doing so am having issues getting XO to connect to them.
When coming to the XO home area, I'm presented with this:
Naturally, I go to Settings - Servers, to check and the credentials aren't working, as one would expect:
SESSION_AUTHENTICATION_FAILED(root, Authentication failure)So I go to the password field and enter the updated credentials. XO gives me a green checkmark, which I would expect means that the credentials are accepted.
However, the problem still persists. XO acts as though it doesn't have the correct credentials, and I'm unable to view/manage the servers or VMs.
If I'm missing a step here, please let me know! Not sure how to proceed at this point. I know the credentials are correct, as everything functions normally in the "heavy" Windows management client.
-
What is the red explanation mark saying?
-
@jedimarcus It's the authentication failure message.
SESSION_AUTHENTICATION_FAILED(root, Authentication failure)It's there before I change the credentials, and even though the green check seems to indicate that I've successfully changed them, apparently there's still an authentication failure. It seems as though XO is not properly saving the changes to the credentials.
-
did you try removing & adding the server?
-
@jedimarcus I thought of doing so and that was to be my next step, but I was afraid that this would mess up my configured backups. I'd rather find a solution to the particular problem and not mess up the backups if I can, rather than having to give up and delete/re-add.
-
Just disable your current and add the other one with the ip instead of the hostname or vice-versa. Just to be sure your API is responding correctly.
-
Have you tried disabling and then enabling the server following the password update?
-
@jedimarcus I tried disabling and then re-adding one of the servers by IP, this failed with a message that the server already exists.
@Danp This worked, but I had to disable all the servers, then start by re-enabling the master server first. If you didn't do so, the master couldn't re-join because XO thought the pool was already there.
Thank you folks, for your help. Looks like I just need to add the disable/re-enable bit to the process when changing credentials.
-
How many Pools do you have? How many Hosts?
If you have 1 XCP-ng Pool, you only need 1 entry in your XO Servers page, the master only.
-
@jedimarcus One pool, two host servers. So in that situation, you only need to connect the master server? Interesting. Thank you for the info!
-
@LEB-ID Yes, in XO > Settings > Servers should only have a single entry.
Once connected
XO > Home > Hosts should display your 2 servers
-
@jedimarcus Got it, thank you again. Labeling that part of the settings as 'Servers' is a bit confusing in this case. Perhaps the XO team might want to label that as 'Pools' instead?
-
Or perhaps add a warning when you attempt to add a non-master server to the list?
-
We already have a warning if you try to add a server that's already connected. At least since 3 or 4 release I think.
edit: you need to disable/enable your server when you change the pwd.
-
@LEB-ID It's called Add new Server in XCP-ng Center too... old habits die hard. But Pools is not the right word either. It's hard coming up with something short and precise.
