NX controller user security settings?

viningvining X MemberPosts: 4,353

Is there a trick to get these to work? I create a user give them a role that permits telnet, try to use telnet in code with that user and pass and nada. Try again will all roles selected and nada. I still had the default admin user pass so I then used that in code and it works fine. I created a new user and a new role for that user that only permits telnet and it doesn’t work. Why? I am running the latest on this controller but this stupid sh i t has got me stumped so I’m leaving the code with the default admin user pass which is ridiculous.

Comments

  • HARMAN_icraigieHARMAN_icraigie Technical Trainer II, Harman Professional University Posts: 490
    edited May 10

    Interesting - looks like you can't set up a "Device" user type for terminal access.

    (14:26:01):: ParseBuffer() iString = Login : testapp$0D$0A
    (14:26:01):: ParseBuffer() iString = Password : ********$0D$0A
    (14:26:01):: testapp is not auth'd for Terminal
    (14:26:01):: Failed Telnet login attempt #0 from : socket=110, addr=::ffff:127.0.0.1
    (14:26:01):: ParseBuffer() iString = User not granted access!$0D$0A
    (14:26:01):: ParseBuffer() iString = Login not authorized. Please try again.$0D$0A

    You can set up a user as a "Normal" type with just telnet/ssh access enabled but will be forced to set a new password at first login. I used a throw away password at the setup page then reset with the password I had the app logging in with.

  • HARMAN_icraigieHARMAN_icraigie Technical Trainer II, Harman Professional University Posts: 490

    Looking the WebConsole and Programming guide it doesn't specifically state this is the issue but it may implicitly suggest something to that effect - depending on how you read it.

    NOTE: The Type field indicates the type of account for the user. This field lists either Normal or Device. Normal users are any users
    which access the web interface, Telnet, or NetLinx Studio, and must be assigned to a Role with those permissions assigned to it.
    Device connections are required for machine to machine over ICSP, such as touch panels and ICSLan device control boxes.
    Device-type users are stored only in the local user database and are able to be modified even when a remote directory service is
    enabled.

  • viningvining X Member Posts: 4,353

    Well at least I now know I’m not crazy. I’ll have to look at my NX2200 which runs the same code that requires telnet to ping and get mem usage. That’s been working fine so I managed to get it working somehow before.

  • John NagyJohn Nagy CineTouch Product Manager Posts: 1,526

    @vining said:
    Well at least I now know I’m not crazy.

    I say wait for multiple data points before charting a conclusion...

  • viningvining X Member Posts: 4,353

    @John Nagy said:

    @vining said:
    Well at least I now know I’m not crazy.

    I say wait for multiple data points before charting a conclusion...

    i was only speaking in regard to the post subject matter. In most other things I can’t say I’ve ever been right in the head. Just being here still is a prime example. ;)

Sign In or Register to comment.