NetXMS Support Forum

Hi!

This can be done by setting "proxy" attribute for a DCI. For example, if you need to have DCI on node A, but get information from node B, you can configure DCI on node A and set it's "proxy" attribute to node B. For security reasons, you must also add node A to list of trusted nodes for node B, or disable trusted nodes checking globally.

Best regards,
Victor

No, it's secure. Login process using certificate is following:

1. Server send random challenge to client
2. Client sign server's challenge with his certificate's private key and send signed challenge along with public part of certificate to server
3. Server validates certificate using CA certificate
4. If certificate is valid, server validates challenge signature using certificate's public key
5. If signature is valid, server compares certificate subject with mapping data from user record
6. If mapping data match with certificate subject, access is granted

So, to login successfully, user must posses valid certificate with private key. Having just public part of certificate is not enough. Authentication by certificate also allows smart card login - you just need to store certificate used for login on smart card instead of local certificate store.

Best regards,
Victor

Hi!

Attached is 64 bit version. I plan to make a bugfix release in a few days. About 2nd question - in fact, attached version already supports connection strings in place of DSN names. The only limitation now is that connection string should not contain colon ( : ) character.

Best regards,
Victor

I'll try to check this. Also, could you please enable crash dump generation on server and send generated dumps to [email protected]? This can greatly simplify debugging. You can enable crash dump generation by setting two parameters in netxmsd.conf:

CreateCrashDumps = yes
DumpDirectory = some existing directory writable by server process

Also, could you please run command "nxadm -i" on server machine post output of the following commands:

show pollers
show queues
show flags
show mutex

Best regards,
Victor

I have fixed few bugs in odbcquery subagent. Could you please try attached version?

Best regards,
Victor

Hi!

You should go to properties of user account and set authentication method to "Certificate". Then, you should select certificate mapping method - either "Subject" or "Public key" - and enter appropriate information into "certificate mapping data" field. I usually use "subject" mapping. You can use openssl to read certificate's subject:


C:\Source\NetXMS-1.0.x>openssl x509 -subject -in victor.crt
subject= /C=LV/ST=Riga/L=Riga/O=Raden Solutions/CN=victor/emailAddress=email@domain
-----snip-----


or any other tool.

Best regards,
Victor

Currently odbcquery subagent uses SQLConnect call which does not support connection strings. I will try to add automatic detection if connection string is given instead of DSN name (probably by checking for presence of = characters) and use SQLDriverConnect in this case.

Best regards,
Victor

Can you please try to run agent in debug mode? To do so, change logging to a file by adding

LogFile = some_log_file

to agent's config, and run agent in foreground as

nxagentd -D 9

Best regards,
Victor

Could you please run server as a service with full debug (-D 9 command line option)?

Best regards,
Victor

Hi!

Sorry, I forgot about it Now I have added this as feature request to bugtracker (issue 309), and hopefully it will be included in 1.0.7 release.

Best regards,
Victor

Выложил релиз 1.0.6, где этот баг должен быть исправлен (в теории). Протестируйте пожалуйста когда будет возможность.

Hi!

There are documentation chapter about scripting language itself, and reference for all functions. However, writing transformation and filtering script are not covered. I'll try to add additional information on this topic to documentation.

Best regards,
Victor

Hi!

It's because all Disk.* parameters was renamed to FileSystem.* (but all agents still understand Disk.* form, although does not report it in a list of available parameters). However, I forget to rebuild x64 agent from new source - this is why it does not understand FileSystem.* parameters. Now Windows x64 agent version 1.1.0 is available for download, which provides same functionality as x86 version 1.0.6.

Best regards,
Victor

Hi all!

NetXMS version 1.0.6 is out. Changes since 1.0.5:

- Implemented adding existing nodes to cluster and removing nodes from cluster
- LogWatch subagent improved
- Fixed issues: #306, #307, #308

Best regards,
Victor

Hi!

It's a syntax error in agent configuration filtering script, for agent configuration record with ID 1. If you could provide your filtering script, I could tell what the error is.

Best regards,
Victor