Dan Langille escribió:
> On 11 Jan 2007 at 16:01, Jorge González wrote:
>
>
>> Dan Langille escribió:
>>
>>> On 11 Jan 2007 at 15:15, Jorge González wrote:
>>>
>>>
>>>
>>>> hi all!
>>>>
>>>> I have a server with Bacula Director. There are two clients A and B.
>>>> Client A works pretty well but B has an authentication problem.
>>>> Communications between director and B is ok, both are responding to
>>>> ping. Telnet to B 9103 OK from director and telnet from B to director
>>>> 910X OK. iptraf shows connections. A and B has almost the same config.
>>>> The only difference is A has bacula-fd binary is a copy from director,
>>>> bacula-fd binary in B had been compiled in B because of different OS
>>>> with only-client directive
>>>>
>>>>
>>> What version of Director/Client are you running?
>>>
>>>
>> hi Dan!!
>> 2.0.0 in all machines
>>
>>>
>>>
>>>> 11-Jan 14:10 bacula-server-dir: *Console*.2007-01-11_14.09.47 Fatal error:
>>>> Unable to authenticate with File daemon on "10.15.xxx.xxx:9102". Possible
>>>> causes:
>>>>
>>>> Passwords or names not the same or
>>>>
>>>> Maximum Concurrent Jobs exceeded on the FD or
>>>>
>>>> FD networking messed up (restart daemon).
>>>>
>>>> Please see http://www.bacula.org/rel-manual/faq.html#AuthorizationErrors
>>>> for help.
>>>>
>>>>
>>>> any idea?
>>>>
>>>>
>>> When you telnet from the director box to the 10.15.x.x box, port
>>> 9102, you don't get told "you are not welcome..." or something like
>>> that? What you should get is something like this:
>>>
>>> $ telnet dfc 9102
>>> Trying 10.55.0.98...
>>> Connected to dfc.unixathome.org.
>>> Escape character is '^]'.
>>> [press enter]
>>> [press enter again]
>>> Connection closed by foreign host.
>>> $
>>>
>>> Is that what you get?
>>>
>>>
>>>
>> Yep, telnet is working. I said telnet to 9103 previously but it was a
>> mistake, I did telnet to B 9102. Then
>> $ telnet 10.15.xxx.xxx 9102
>> Trying 10.15.xxx.xxx...
>> Connected to thor (10.15.xxx.xxx).
>> Escape character is '^]'.
>> Connection closed by foreign host.
>> $
>>
>>>> -------- Configs --------
>>>>
>>>> ** B fd conf**
>>>> Director {
>>>> Name = bacula-server-dir
>>>> Address = 10.10.xxx.xxx
>>>>
>>>>
>>> Eh? Address? I don't see that documented. But I don't think that
>>> is the cause of the problem
>>>
>>>
>> Well, A is working with Address because bacula-server-dir is not in DNS.
>> I'll see later but I'm sure is not the problem.
>>
>
> I'm not sure either, but try removing it.
>
> Bacula authenticates with name and password. That name can be
> anything. It is not related to DNS. Restart bacula-fd when you do.
>
Well, I removed 'address' in A and B client and restarted daemons.
Problem continues in B client. A client is working ok after removing
'address'.
>
>>>
>>>
>>>> Password = "password"
>>>>
>>>>
>>> Is this password the same as the one I point out below?
>>>
>>>
>> yep, of course ;-). In fact, I copy&paste bacula-fd.conf from A client
>> to B client and modify only the name of server
>>
>>>
>>>
>>>> }
>>>>
>>>> FileDaemon { # this is me
>>>> Name = thor
>>>> FDport = 9102 # where we listen for the director
>>>> WorkingDirectory = /var/bacula
>>>> Pid Directory = /var/run
>>>> Maximum Concurrent Jobs = 20
>>>> }
>>>>
>>>>
>>>> ** A fd conf**
>>>> Director {
>>>> Name = bacula-server-dir
>>>> Address = 10.10.xxx.xxx
>>>> Password = "password"
>>>> }
>>>>
>>>> FileDaemon { # this is me
>>>> Name = pollux
>>>> FDport = 9102 # where we listen for the director
>>>> WorkingDirectory = /var/bacula
>>>> Pid Directory = /var/run
>>>> Maximum Concurrent Jobs = 20
>>>> }
>>>>
>>>> ** Director conf**
>>>>
>>>> Director { # define myself
>>>> Name = bacula-server-dir
>>>> DIRport = 9101 # where we listen for UA connections
>>>> QueryFile = "/etc/bacula/query.sql"
>>>> WorkingDirectory = "/var/bacula"
>>>> PidDirectory = "/var/run"
>>>> Maximum Concurrent Jobs = 1
>>>> Password = "password" # Console password
>>>> Messages = Daemon
>>>> }
>>>> Client {
>>>> Name = thor
>>>> Address = 10.15.xxx.xxx
>>>>
>>>>
>>> This is the client you are having trouble talking to.
>>>
>>>
>> Yep, B client (thor) is my headache of the day
>>
>
> I note these two are on different subnets, that could be an issue,
> but I have similar situations without problem.
>
> Are you sure the address field is correct for Thor?
>
>
Thor's ip address is ok, I used it (c&p) to telnet to it. If the IP was
wrong then bacula would not connect and the error would be a connection
error and not auth error as I can understand. There is no problem about
subnets because pings and telnets are working fine. I think it is about
comunication between director and file daemon
Bacula-dir daemon in debug mode:
bacula-server-dir: ua_status.c:106 status:status client=thor
bacula-server-dir: bnet.c:792 Current host[ipv4:10.15.xxx.xxx:9102] All
host[ipv4:10.15.xxx.xxx:9102]
bacula-server-dir: bnet.c:1154 who=File daemon host=10.15.xxx.xxx port=9102
bacula-server-dir: fd_cmds.c:91 Opened connection with File daemon
bacula-server-dir: authenticate.c:186 Sent: Hello Director
bacula-server-dir calling
bacula-server-dir: cram-md5.c:131 cram-get: 2999 No go
bacula-server-dir: cram-md5.c:136 Cannot scan challenge: 2999 No go
bacula-server-dir: authenticate.c:204 cram_get_auth failed for File daemon
bacula-server-dir: authenticate.c:208 Director and File daemon passwords
or names not the same.
I'm thinking there is something wrong, maybe in config, but I can't see
the ligth!! Or maybe could be about 'compile procedures'...
>>>
>>>
>>>> FDPort = 9102
>>>> Catalog = MyCatalog
>>>> Password = "password" # password for FileDaemon
>>>>
>>>>
>>> Is this password the same as the one I pointed out above?
>>>
>>>
>> The same, all passwords (DIR,SDs,monitors, FDs...) have the same
>> password by now.
>>
>>>
>>>
>>>> File Retention = 30 days # 30 days
>>>> Job Retention = 6 months # six months
>>>> AutoPrune = yes # Prune expired Jobs/Files
>>>> }
>>>>
>>>> Client {
>>>> Name = pollux
>>>> Address = 10.20.xxx.xxx
>>>> FDPort = 9102
>>>> Catalog = MyCatalog
>>>> Password = "password" # password for FileDaemon
>>>> File Retention = 30 days # 30 days
>>>> Job Retention = 6 months # six months
>>>> AutoPrune = yes # Prune expired Jobs/Files
>>>> }
>>>>
>
>
>
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
