Topic: admin autherization failure after restore on new hardware

[cb-wizard]

Hi,

Need to upgrade client's server hardware  to new hardware, sme v7.

Client on sme since about 2000, various versions.

Backup to desktop and/or USB disk, restore onto new hardware - fresh install sme v7 produces above error.


As test:
Clean install of v7, copied some data, backed up and restore to clean v7 do not produce the above error.


How do I move to the new server hardware?

Cant access server manager from console or workstation PC.

Root logon O.K.

Thanks
Chris

[mmccarn]

You can change the admin password manually from a root prompt using:

# passwd admin
Changing password for user admin.
Enter new UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

Are you following all the steps in Upgrading vs new install + restore? (Note: this link points to entry #49 on page 4 of a very long discussion...)

[cb-wizard]

Changing the password was my first action, confirmed password was changed but not able to logon.

I used backup to desktop and also dar.

Both give the same error, seems some permission somewhere.  

This is on a system that has been upgraded from way back when to version 7.  Clean test setup v6 to v6.5 then to v7 produce the same errors. v7 to v7 clean no errors.

I did not follow the steps in the post, I was not aware that there may be errors.  All my other servers backed-up and restored fine on hardware upgrades.

I do not have the old server with me, only backup sets from desktop backup and dar, server working at client site for about 300 users.

[mmccarn]

Here are some file fragments that might affect your issue.  

Also, I had problems with the first SME7 I setup when I selected a password containing the "&" character during installation - the install routine did something funny and the password was not what I expected.  Have you tried using "passwd admin" to set a very simple password for admin?

Lastly, I've included detailed listings of some of the folders involved in server-manager in case my permissions are different from yours. This system *does* have the 2006-11-07 updates installed.

/var/service/httpd-admin/run:

Code: [Select]

#!/bin/sh
#----------------------------------------------------------------------
# copyright (C) 1999-2004 Mitel Networks Corporation
#----------------------------------------------------------------------

config=/etc/httpd/admin-conf/httpd.conf

[ -e $config ] || exit 1

exec 2>&1
exec chpst -P /usr/sbin/httpd-admin -f $config -D FOREGROUND

/etc/httpd/admin-conf/httpd.conf (partial):

Code: [Select]

<Directory "/etc/e-smith/web/panels/manager/html" >
    Options Includes Indexes FollowSymLinks ExecCGI
    AllowOverride None
    order deny,allow
    deny from all
    allow from 127.0.0.1 192.168.100.0/255.255.255.0
    AuthName "Server manager"
    AuthType Basic
    AuthExternal pwauth
    require user admin
    SetEnv IMGHDR_SRC "/server-common/server-manager.jpg"
    Satisfy all
</Directory>

<Directory "/etc/e-smith/web/panels/manager/cgi-bin">
    Options Includes Indexes FollowSymLinks ExecCGI
    AllowOverride None
    order deny,allow
    deny from all
    allow from 127.0.0.1 192.168.100.0/255.255.255.0
    AuthName "Server manager"
    AuthType Basic
    AuthExternal pwauth
    require user admin
    SetEnv IMGHDR_SRC "/server-common/server-manager.jpg"
    Satisfy all
</Directory>

Code: [Select]

ls -la /etc/e-smith/web
total 20
drwxr-xr-x   5 root root  4096 Aug 19 08:15 .
drwxr-xr-x  17 root root  4096 Nov 10 19:41 ..
dr-xr-x---   3 www  admin 4096 Nov 10 19:40 common
dr-xr-x---   2 root admin 4096 Nov 10 19:28 functions
dr-xr-x---   4 root admin 4096 Aug 19 08:15 panels

Code: [Select]

ls -la /etc/e-smith/web/common
total 152
dr-xr-x---  3 www  admin  4096 Nov 10 19:40 .
drwxr-xr-x  5 root root   4096 Aug 19 08:15 ..
-rwxr-xr-x  1 root root    882 Nov 20  2005 banner-shim.gif
-rw-r--r--  1 root root    520 Jun 19  2003 checkmark.jpg
drwxr-xr-x  2 root root   4096 Nov 10 19:40 css
-rw-r--r--  1 root root   6093 Nov 20  2005 e-smith-pb.gif
-rw-r--r--  1 root root   1008 Aug 21 16:21 foot.tmpl
-rw-r--r--  1 root root   2716 Sep  7 20:14 head.tmpl
-rw-r--r--  1 root root    616 Nov 27  2002 mitel_logo.gif
-rwxr-xr-x  1 root root   4113 Nov 20  2005 mitel_logo.jpg
lrwxrwxrwx  1 root root      9 Aug 21 16:11 noframes_foot.tmpl -> foot.tmpl
lrwxrwxrwx  1 root root      9 Aug 21 16:11 noframes_head.tmpl -> head.tmpl
-rw-r--r--  1 root root   5749 Jan  5  2006 product_logo.jpg
-rwxr-xr-x  1 root root  24334 Jan  5  2006 server-manager.jpg
-rw-r--r--  1 root root    942 Nov 21  2002 sl_icon.gif
-rw-r--r--  1 root root   5413 Jul 16 17:19 smeserver_logo.gif
-rw-r--r--  1 root root   6447 Jul 16 17:19 smeserver_logo.jpg
-rw-r--r--  1 root root     43 Nov 21  2002 spacer.gif
-rw-r--r--  1 root root   5000 Nov 20  2005 special-edition.jpg
-rw-r--r--  1 root root   9305 Nov 20  2005 stop.jpg
-rw-r--r--  1 root root    474 Jun 19  2003 tickmark.jpg
lrwxrwxrwx  1 root root      9 Aug 21 16:11 userpassword_head.tmpl -> head.tmpl
-rwxr-xr-x  1 root root  18414 Nov 20  2005 user-password.jpg
-rw-r--r--  1 root root     77 Jan 13  2003 warn.gif

Code: [Select]

ls -la /etc/e-smith/web/panels
total 16
dr-xr-x---  4 root admin 4096 Aug 19 08:15 .
drwxr-xr-x  5 root root  4096 Aug 19 08:15 ..
drwxr-xr-x  5 root root  4096 Aug 19 08:15 manager
drwxr-xr-x  4 root root  4096 Aug 21 16:11 password

Code: [Select]

ls -la /etc/e-smith/web/panels/manager
total 20
drwxr-xr-x  5 root root  4096 Aug 19 08:15 .
dr-xr-x---  4 root admin 4096 Aug 19 08:15 ..
drwxr-xr-x  2 root root  4096 Nov 10 19:28 cgi-bin
drwxr-xr-x  2 root root  4096 Aug 19 08:15 common
drwxr-xr-x  3 root root  4096 Nov 10 19:40 html

Code: [Select]

ls -la /etc/e-smith/web/panels/manager/html
total 16
drwxr-xr-x  3 root root 4096 Nov 10 19:40 .
drwxr-xr-x  5 root root 4096 Aug 19 08:15 ..
-rw-r--r--  1 root root 2028 Sep  7 20:14 header.htm
lrwxrwxrwx  1 root root   28 Aug 21 16:11 index.cgi -> ../../../functions/index.cgi
lrwxrwxrwx  1 root root   30 Aug 21 16:11 initial.cgi -> ../../../functions/initial.cgi
drwxr-xr-x  2 root root 4096 Sep 13 10:54 sme7admin

Code: [Select]

ls -la /etc/e-smith/web/panels/manager/cgi-bin
total 8
drwxr-xr-x  2 root root 4096 Nov 10 19:28 .
drwxr-xr-x  5 root root 4096 Aug 19 08:15 ..
lrwxrwxrwx  1 root root   25 Aug 21 16:11 backup -> ../../../functions/backup
lrwxrwxrwx  1 root root   25 Aug 21 16:10 clamav -> ../../../functions/clamav
lrwxrwxrwx  1 root root   27 Aug 21 16:11 datetime -> ../../../functions/datetime
lrwxrwxrwx  1 root root   28 Aug 21 16:11 directory -> ../../../functions/directory
lrwxrwxrwx  1 root root   26 Nov 10 19:28 domains -> ../../../functions/domains
lrwxrwxrwx  1 root root   32 Aug 21 16:11 emailsettings -> ../../../functions/emailsettings
lrwxrwxrwx  1 root root   25 Aug 21 16:11 groups -> ../../../functions/groups
lrwxrwxrwx  1 root root   30 Aug 21 16:11 hostentries -> ../../../functions/hostentries
lrwxrwxrwx  1 root root   24 Aug 21 16:11 ibays -> ../../../functions/ibays
lrwxrwxrwx  1 root root   32 Aug 21 16:11 localnetworks -> ../../../functions/localnetworks
lrwxrwxrwx  1 root root   29 Aug 24 09:24 navigation -> ../../../functions/navigation
lrwxrwxrwx  1 root root   27 Aug 24 09:24 noframes -> ../../../functions/noframes
lrwxrwxrwx  1 root root   32 Aug 21 16:11 online-manual -> ../../../functions/online-manual
lrwxrwxrwx  1 root root   29 Aug 21 16:11 pleasewait -> ../../../functions/pleasewait
lrwxrwxrwx  1 root root   33 Aug 21 16:11 portforwarding -> ../../../functions/portforwarding
lrwxrwxrwx  1 root root   27 Aug 21 16:11 printers -> ../../../functions/printers
lrwxrwxrwx  1 root root   24 Aug 21 16:11 proxy -> ../../../functions/proxy
lrwxrwxrwx  1 root root   29 Aug 21 16:11 pseudonyms -> ../../../functions/pseudonyms
lrwxrwxrwx  1 root root   30 Aug 21 16:11 qmailanalog -> ../../../functions/qmailanalog
lrwxrwxrwx  1 root root   22 Aug 21 22:10 qmh -> ../../../functions/qmh
lrwxrwxrwx  1 root root   24 Aug 24 09:25 quota -> ../../../functions/quota
lrwxrwxrwx  1 root root   25 Aug 21 16:11 reboot -> ../../../functions/reboot
lrwxrwxrwx  1 root root   31 Aug 21 16:11 remoteaccess -> ../../../functions/remoteaccess
lrwxrwxrwx  1 root root   25 Aug 21 16:11 review -> ../../../functions/review
lrwxrwxrwx  1 root root   23 Oct 17 08:17 sarg -> ../../../functions/sarg
lrwxrwxrwx  1 root root   28 Aug 25 16:51 sme7admin -> ../../../functions/sme7admin
lrwxrwxrwx  1 root root   33 Aug 21 16:11 starterwebsite -> ../../../functions/starterwebsite
lrwxrwxrwx  1 root root   26 Aug 24 09:23 support -> ../../../functions/support
lrwxrwxrwx  1 root root   25 Aug 25 18:14 sysmon -> ../../../functions/sysmon
lrwxrwxrwx  1 root root   31 Aug 21 16:11 useraccounts -> ../../../functions/useraccounts
lrwxrwxrwx  1 root root   31 Aug 21 16:11 viewlogfiles -> ../../../functions/viewlogfiles
lrwxrwxrwx  1 root root   28 Nov 10 19:28 workgroup -> ../../../functions/workgroup
lrwxrwxrwx  1 root root   22 Aug 21 16:11 yum -> ../../../functions/yum

[cb-wizard]

Checked, looks the same, do not have sarg & admin tools installed.

Is there and easier way (and how - not Linux literate) of copying user accounts, passwords and permissions to another sme7 box.  Can copy shared data by hand and configure server settings.

[mmccarn]

Funny you should ask -- I just did some digging in 'lazy admin tools' last night to find an answer for another question, and found this in
man lat:

Code: [Select]

lat-dump
       Creates input-files for the lat-toolkit, based on the
       current configuration of the SME server (5.x/6.x). The
       information is extracted from the /home/e-smith/*
       databases.

       The resulting input-files can be used to replicate
       user accounts, ibays, etc on a different SME server,
       or recreate them on a clean install. To facilitate the
       restoring/replicating, the lat-restore script is auto-
       matically created. This will launch the various lat-
       tools in the right sequence.

lat-restore
       Launches all lat-tools in the correct sequence using
       the config files created by lat-dump. This allows you
       recreate all user accounts, groups, ibays etc with the
       same uid/gid on an other server or to restore a cor-
       rupted server.

       lat-restore is automatically created by lat-dump and
       can be edited to meet your needs
Here's a link to a post on how to get LAT, with a quick step-by-step on installing it: http://forums.contribs.org/index.php?topic=34588.0

Once you've installed LAT you can dump your current info like this:

mkdir -p /root/lat/data
cd /root/lat/data
lat-dump -d

Now you have the following files in /root/lat/data ("sme" is the name of my server):

lat-restore
sme.Procmail
sme.Domains
sme.Pseudonyms
sme.Groups
sme.Quota
sme.Hosts
sme.Ibays
sme.Users
sme.PPTP

lat-restore will automatically re-create all of the information in the other files on a new system; /usr/sbin/lat-users -a -p -i=sme.Users would re-load only the user information, generate new random passwords for all users, and place them in ./passwords.new.

I suppose it's possible that lat-users -a -c "admin | SME | Administrator | newpassword" might fix your admin account.  lat-users takes much longer than passwd so I assume it's changing more files...

[CharlieBrady]

Backup to desktop and/or USB disk, restore onto new hardware - fresh install sme v7 produces above error.

As test:
Clean install of v7, copied some data, backed up and restore to clean v7 do not produce the above error.

If you did a backup to desktop, fresh install, then restore from desktop, and the system doesn't work correctly afterwards, then you shoudl report the problem via the bug tracker. You will then help us (the developers) to find the cause of the problem and fix it.

[cb-wizard]

Thank you all for your help!

Used lat to get accounts across, lost all passwords - not a train smash.

Copied data by hand.

Installed this morning working great.

I will post the bug.


Thanks again.