Question

Alert: external authentication

  • 28 March 2018
  • 3 replies
  • 2219 views

Badge +1
Hello,

I´ve seen a alert on Prism about external authentication. Here you are the complete message:

Possible Cause
An external client is configured to authenticate to the REST API with the admin user.
RECOMMENDATION
Authenticate to the REST API with a different user that has administrative privileges.

I don´t think I have anything configured to use APIs.

CE 2018.01.31


This topic has been closed for comments

3 replies

Userlevel 3
Badge +4
Hey,
Starting from AOS 5.5, you might receive the following alert with a warning if you are using any third party clients such as Rubrik to authenticate REST API calls using the admin user.

Impact :Admin user will be disabled in a forthcoming release. REST API calls from the admin user will stop working.
Cause :An external client is configured to authenticate to the REST API with the admin user.
Resolution: Authenticate to the REST API with a different user that has administrative privileges.

You may want to check the IP address which is trying to 'authenticate via the admin user' to figure out the application/ source.

To resolve this warning, create another user and use that user to authenticate to the REST API.

Perform the following procedure to add a user by using the Prism web console on AOS 5.5:
https://portal.nutanix.com/#/page/docs/details?targetId=Web-Console-Guide-Prism-v55:wc-user-management-wc-c.html

Let us know if that helpful?
Userlevel 2
Badge +3

Hi

I have the same problem, is there a way to trace back from the reported CVM to see where the request is coming from?

 

Thanks

Eric

Userlevel 3
Badge +3

@Eric-The_Viking The ~/data/logs/aplos.out file in the CVM might shed some light on the issue if you check the timestamp of the alert. Usually, an IP address is mentioned there.

 

Regards,

 

-Said