Forum Discussion

Chris's avatar
Chris
Icon for Contributor II rankContributor II
16 days ago

12.3 CU - Default em7admin admin pass not working during Node configuration process...

We are working to stand up 12.3 and have run into some issues.

The primary issue at this time is that when we go to connect the CUI to the enviornment via the Node configuration Utility (or appliance link in classic ui), the default em7admin password does not seem to work.  We have tried both goign to the CU via the :7700 path for node management, or just the main site and both gives us a "Login Failed" message.

Has the default em7admin password on the CU been changed? 

We have a few other issues, but want to try to knock them out 1 by 1 in hopes they are connected.

Any advice/guidance that can be provided would be greatly appreciated.

  • patmcclain's avatar
    patmcclain
    2 days ago

    Chris FYI - It is my understanding that we are putting the encrypt functionality back in for 12.3 so that customers don't have to re-encrypt PPs manually upon upgrade in GA.  This functionality will be removed in the future but not before a new framework is put in place to re-encrypt PPs automatically. Thank you for the feedback that led to this decision!  

  • Chris's avatar
    Chris
    Icon for Contributor II rankContributor II
    15 days ago

    Ok, found the issue.  it appears the vault was not executed correctly when it was setup.  After stopping/starting and then waiting a few minutes and then rebooting the system, it started working fine and the login was working once again.  This also appears to have resolved a number of other errors we were encountering during the setup of the environment.

  • patmcclain's avatar
    patmcclain
    Icon for Community Manager rankCommunity Manager
    2 days ago

    Chris FYI - It is my understanding that we are putting the encrypt functionality back in for 12.3 so that customers don't have to re-encrypt PPs manually upon upgrade in GA.  This functionality will be removed in the future but not before a new framework is put in place to re-encrypt PPs automatically. Thank you for the feedback that led to this decision!  

  • patmcclain's avatar
    patmcclain
    Icon for Community Manager rankCommunity Manager
    13 days ago

    Hey Chris It looks like you were able to work through the issue above.  I will get the team to look into this to make sure others don't run across this as well.  Are you stood up on 12.3 now?  Please continue post any questions or feedback you may have to this user group!

    • Chris's avatar
      Chris
      Icon for Contributor II rankContributor II
      13 days ago

      patmcclain   once that issue was resolved, we've moved to configuration.  Currently working through PowerPacks.  The current 'issue' I am seeing with this is there is little to no documentation with regards to redoing encryption on PowerPacks for the new encryption unless you are 'upgrading'.  A fresh install of 12.3 does not appear to have a easy path to re-encrypt the PPaks.   Is there something on the backend that we can use to do this?  I might have overlooked this ability so far, but currently only thing i've found referencing this is when you are upgrading and re-encrypting alread installed PPaks.

  • patmcclain's avatar
    patmcclain
    Icon for Community Manager rankCommunity Manager
    13 days ago

    Hey Chris, As part of our security upgrades in the 12.3.0 line, we have removed the mcrypt library which is required for the old encryption method to be used with PowerPacks. Since the library is no longer there, there is no process to perform rebuilds after the upgrade. That is the reason that all of the documentation focuses on performing rebuilds prior to the upgrade.

    • Chris's avatar
      Chris
      Icon for Contributor II rankContributor II
      13 days ago

      Thanks for the response.  Was hoping that was not the case but it is what it is :) Keep in mind, in the event a "New Build" is done and there hasn't been an update to a specific PowerPack in awhile, then we can't install them.  That likely will cause blocks for some users down the road.

      Is there something in the works to update all the existing SL PPaks on the site to the latest encryption?  I can understand if the PPak was done by 3rd party, but if it's a SL authored one, there should be at least an option to download the PPak with the latest supported encryption.  

      • JoshAbraham's avatar
        JoshAbraham
        Icon for Moderator rankModerator
        13 days ago

        Yes, there is a project in the works to update the PowerPacks that are out on the portal to the latest encryption version. We are also working on tooling to allow old PowerPack files to be updated to the new encryption. It will likely involve sending that file to the portal or in a ticket and then it will be converted automatically. It is also possible to convert it by importing it on an older (11.2-12.2) AIO stack and rebuilding it there.