NetXMS Support Forum

Hi!

Please try to upgrade to 1.0.7, and select "Install PDB files" in components during upgrade. If it will continue to crash, and you are running on multiprocessor/multicore server, try to bound netxmsd process to single core by adding

ProcessAffinityMask = 1

to netxmsd.conf. This will bound server process to CPU #0. If you wish to bound to CPU #1 or other, use value 2 for CPU #1, 4 for CPU #2, 8 for CPU #3, and so on.

Best regards,
Victor

Hi all!

NetXMS version 1.0.7 is out. It's a minor bugfix release. Changes from version 1.0.6:

- Implemented automatic alarm termination using regular expressions
- Added support for ODBC connection strings in ODBCQUERY subagent and ODBC database driver
- Added server configuration parameter ProcessAffinityMask
- Fixed issues: #309, #310

Best regards,
Victor

Agent reload config on restart - so if change agent's config, you have to restart it. Maybe you just press "Save" instead of "Save & Apply" after first change?

Best regards,
Victor

Hi!

This can be done by setting "proxy" attribute for a DCI. For example, if you need to have DCI on node A, but get information from node B, you can configure DCI on node A and set it's "proxy" attribute to node B. For security reasons, you must also add node A to list of trusted nodes for node B, or disable trusted nodes checking globally.

Best regards,
Victor

No, it's secure. Login process using certificate is following:

1. Server send random challenge to client
2. Client sign server's challenge with his certificate's private key and send signed challenge along with public part of certificate to server
3. Server validates certificate using CA certificate
4. If certificate is valid, server validates challenge signature using certificate's public key
5. If signature is valid, server compares certificate subject with mapping data from user record
6. If mapping data match with certificate subject, access is granted

So, to login successfully, user must posses valid certificate with private key. Having just public part of certificate is not enough. Authentication by certificate also allows smart card login - you just need to store certificate used for login on smart card instead of local certificate store.

Best regards,
Victor

Hi!

Attached is 64 bit version. I plan to make a bugfix release in a few days. About 2nd question - in fact, attached version already supports connection strings in place of DSN names. The only limitation now is that connection string should not contain colon ( : ) character.

Best regards,
Victor

I'll try to check this. Also, could you please enable crash dump generation on server and send generated dumps to [email protected]? This can greatly simplify debugging. You can enable crash dump generation by setting two parameters in netxmsd.conf:

CreateCrashDumps = yes
DumpDirectory = some existing directory writable by server process

Also, could you please run command "nxadm -i" on server machine post output of the following commands:

show pollers
show queues
show flags
show mutex

Best regards,
Victor

I have fixed few bugs in odbcquery subagent. Could you please try attached version?

Best regards,
Victor

Hi!

You should go to properties of user account and set authentication method to "Certificate". Then, you should select certificate mapping method - either "Subject" or "Public key" - and enter appropriate information into "certificate mapping data" field. I usually use "subject" mapping. You can use openssl to read certificate's subject:


C:\Source\NetXMS-1.0.x>openssl x509 -subject -in victor.crt
subject= /C=LV/ST=Riga/L=Riga/O=Raden Solutions/CN=victor/emailAddress=email@domain
-----snip-----


or any other tool.

Best regards,
Victor

Currently odbcquery subagent uses SQLConnect call which does not support connection strings. I will try to add automatic detection if connection string is given instead of DSN name (probably by checking for presence of = characters) and use SQLDriverConnect in this case.

Best regards,
Victor

Can you please try to run agent in debug mode? To do so, change logging to a file by adding

LogFile = some_log_file

to agent's config, and run agent in foreground as

nxagentd -D 9

Best regards,
Victor

Could you please run server as a service with full debug (-D 9 command line option)?

Best regards,
Victor

Hi!

Sorry, I forgot about it Now I have added this as feature request to bugtracker (issue 309), and hopefully it will be included in 1.0.7 release.

Best regards,
Victor

Выложил релиз 1.0.6, где этот баг должен быть исправлен (в теории). Протестируйте пожалуйста когда будет возможность.

Hi!

There are documentation chapter about scripting language itself, and reference for all functions. However, writing transformation and filtering script are not covered. I'll try to add additional information on this topic to documentation.

Best regards,
Victor