To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Policy Manager Console - won't accept credentials - why?

inst
inst Posts: 2 Security Scout

I have a new installation of F-secure Policy Manager 10.20.46574 on an Ubuntu 12.4 LTE 64 bit server (added the Ubuntu standard GUI as it seems that Policy Manager Console needs an GUI). The Policy Manager Console Server seems to work but I have an issue with the Policy Manager Console Login routine - it keep telling me that my credentials are false.

 

On this machine I run the Policy Manager Console 10.20.46574 and the group fspmc exists and the user 'felsokning' is a member of that group. 

 

Further, I can sign in at the server console using this account 'felsokning' so the account and matching password works but Policy Manager Console keep telling me "Cannot connect to the server: authorization failed because invalid user credentials were specified."

 

What have I missed? Do the user 'felsokning' need to be member in more groups? Any suggestions? And yes, I've tried to reinstall the entire server and I have worked throug the manual  found in "F-seure Policy Manager - Adminstrators Guide - Using the product on Linus".

 

$ /opt/f-secure/fspmc/fspmc

 

Opens a java program  with a sign in form

----------------------------------

Connections: https://localhost

User name: felsokning

Password: ****

----------------------------------

 

Next, the error message occurs...

Comments

  • Jayson
    Jayson Posts: 106 Firewall Master

    Hi inst,

     

    Kindly verify if the user is added to "fspmc" user group.

     

    - Verify which groups the user belongs to:
    $ groups felsokning

     

    - To add this user to the fspmc group:
    $ sudo /usr/sbin/usermod -G fspmc,<current groups1,current group2 (as comma separated list)> felsokning

     

    Thanks.


    Best Regards,
    Jayson

  • inst
    inst Posts: 2 Security Scout

    Thanks for the reply Jayson, unfortunately this seems not to be the issue in my case...

     

    $ sudo -s
    # groups felsokning
    felsokning : felsokning fspmc

     

    So does the group exist as a group?

    # cat /etc/group
    ...
    fspmc:x:1004:...,felsokning
    ....

    obviously the group exists

    ... 
    let's start the x application from promt and se what'll happen

    $ sg fspmc -c /opt/f-secure/fspmc/fspmc

    /entering login credentials/

    Error message in popup window in x
    "Cannot connect to the server:
    authorization failed because invalid user credentials were specified."

     

    Looking up my settings for Policy manager console (Administrator.properties), selected rows below:
    fsa.comm.fsms1=https\://localhost
    fsa.loginDialog.concise=true
    fsa.session.userName=mikael
    ...

     

    Is the server up as expected?

    # /etc/init.d/fspms status
    F-Secure Policy Manager Server is running...

     

    Verifying this from a webbrowser, the server answers on port 80 and port 8080 with html code, my credentials are not valid in the login form on the 8080.

     

    Maybe I need to use the user 'mikael' as it is logged as fsa.session.userName?
    This user too is member of the fspmc group and trying to sing in using this user renders the very same error.

     

    Still confused...

  • Peter
    Peter Posts: 127 Threat Terminator

     

    Hi,

     

    Looks like you're trying to login to Policy Manager Console (PMC) using a Linux account and to clarify, Policy Manager has its own user database, separate from the Linux database. Try using the default 'admin' account when logging in to PMC. The password for this account was provided when executing the fspms-config script. Once you're logged into PMC, additional users can be added to the PM user db... :)

    Hope this helps!

  • mrjcam
    mrjcam Posts: 1 Security Scout

    I'm having the same issue here, I'm on windows and the login failure message keeps showing, and haven't changed anything.

  • AndyY
    AndyY Posts: 14 Cyber Knight

    Dear mrjcam,

     When was the last time you were able to login? The default username for Policy Manager is admin, you may wanna try to login using that username. If the issue persists, I would suggest you to open a Support Ticket:
    http://www.f-secure.com/en/web/home_global/support/contact

    Once you have open a SRID kindly update me so that I can help to solve your issue.

    Thanks.
    Best Regards,
    Andy Yoon

    ..........................................................................................................................................................................................................................
    Has somebody helped you? Say thanks by giving kudos. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.

  • Pekko
    Pekko Posts: 13 Cyber Knight

    Hi mrjcam,

     

    You can try to reset the password for the user ID admin by executing the reset-admin-account.bat script located on C:\Program Files[ (x86)]\F-Secure\Management Server 5\bin

     

  • videna
    videna Posts: 1 Security Scout

    I have a  installation of F-secure Policy Manager 11.20 on Windows Server 2003, Enterprise. When I try to log on I receive the following message : "Connot connect to the server: could not access HTTP invoker remote service at https://localhost:8080/fspms/remoting/FspmsInstanceInfo ;nested exception is org.apache.http.client. HttpResponseExeption: Service Unavailable" . I restart Fspms service but no result. This is happaned after Windows update. Please help. 

     

      
  • Jayson
    Jayson Posts: 106 Firewall Master

    Hello,

     

    Your issue doesn't sounds like a credential issue but more like the services or connections issue instead based on the error "HttpResponseExeption: Service Unavailable".

     

    Could you open the Status Monitor from Start > All programs > F-Secure Policy Manager to verify the status and port number for administration module is OK?

     

    If that doesn't resolve your issue, kindly follow the steps here to fix it.

     

    Thanks.


    Best Regards,
    Jayson

This discussion has been closed.

Categories