DX NetOps

  • 1.  PM local PC passwords

    Posted Apr 19, 2019 11:22 AM

    Hi all,

     

    We have a small number of users who authenticate locally with the PC. We're seeing that some of their passwords seem to become invalid after some time. Is there a way I can see/verify passwords stored in the PC to investigate what is happening?

     

    Thanks in advance,

    David Marion



  • 2.  Re: PM local PC passwords

    Broadcom Employee
    Posted Apr 22, 2019 12:45 PM

    David,

     

    What do you mean by "locally with the PC"?  Through the GUI, the CLI, something else?

     

    Troy



  • 3.  Re: PM local PC passwords

    Posted Apr 23, 2019 12:28 PM

    The authentication type (when editing user) is set to "performance center" - that's in the GUI. When looking there the passwords are all ********. Is there a rest call that can be made to get a user's password? I'm trying to see what the passwords are being changed to (I know what was set in the GUI before it stopped working). I keep having to go back in the GUI and set the passwords back.



  • 4.  Re: PM local PC passwords

    Broadcom Employee
    Posted Apr 25, 2019 11:13 AM

    David,

     

    That is odd. What's the specific PM release involved?

     

    Do you also have any SSO configured like LDAP or anything along those lines?

     

    Thanks,

    Mike



  • 5.  Re: PM local PC passwords

    Posted Apr 26, 2019 10:41 AM

    Mike,

     

    Yes, we have SSO and SAML configured. Most of our users authenticate externally, but a few of us (admins) authenticate locally on the PC. I noticed this because my account is being effected. Any time I want to use the odata query builder I have to reset my password in the PC GUI to what I originally set it to. It's being changed somehow.

     

    Thanks,

    David



  • 6.  Re: PM local PC passwords

    Broadcom Employee
    Posted Apr 26, 2019 10:46 AM

    David,

     

    Do you have two accounts?  One that was created manually in CAPC and set to Performance Center authentication type and one that was created automatically through SAML2 and set to External?

     

    Troy



  • 7.  Re: PM local PC passwords

    Broadcom Employee
    Posted Apr 26, 2019 10:58 AM

    Along those same lines, is the user name logged in with for PC/internal authentication the same user name that would or could be used to login with SSO via SAML?



  • 8.  Re: PM local PC passwords

    Posted Apr 26, 2019 03:00 PM

    I just have the one account in PM and yes the username is the same as would be used if I were authenticating with SAML.



  • 9.  Re: PM local PC passwords

    Broadcom Employee
    Posted Apr 26, 2019 03:08 PM

    David,

     

    You may be running into the account being mixed up with the SAML2 version of the account.  Next time you see this, can you log in with your domain credentials?

     

    What if you create a second account manually on CAPC, one that is not named the same as your domain credentials, do you still run into the problem?

     

    Troy



  • 10.  Re: PM local PC passwords

    Broadcom Employee
    Posted May 01, 2019 12:34 PM

    How are things going for this problem David?