Sometimes in FireMon you may notice that your Data Collector will stop retrieving it’s assigned devices, Even if it’s status shows as UP in the Admin portal. A common reason why this happens is that your Data Collector’s password has changed, and it needs to be updated in FireMon to unlock the user account associated with it. In this article I will go through how to run the necessary API Calls to do so.
Step One : Accessing the API
The first step it to access FireMon’s API. The easiest way to do so is to go to the ADMINISTRATION landing page and select API Reference under resources on the right side of the page.
After this you will be taken into our API, to log in please enter your GUI credentials and hit explore to access the API.
Step Two: Checking the status of the User Account
Now we will want check to see if the user account that the DC uses is locked out or not. To do so you would navigate to the user section of the API. From there you can look up the account status via two separate calls. These calls preforms the same function, the only difference is the information you query them with (one asked for account username, the other asks for the accounts user and domain I.D .
Getting by user name
This command is GET / user . The Parameter that it will ask you in order to execute this call is the username of your DC account, note that if you do not know it off of the top of your head it is generally dc_<name of the DC> . Once you have filled out the username please hit Try it out ! to execute the call. In the results body we want to see if the locked status is equal to true, if so we know that we will need to reset the password, and unlock this account.
Getting by User ID
The other way of doing this is to run the Get/domain/{domainID}/user/{id} call . Note this one asked for the domainID and the id instead of a password, but it presents the same information, and Try it out! also executes the call. The information that it gives you is the same as searching by the user name.
Step Three: Generating a Data Collector Diagnostic Pack
We will need a diagnostic pack in order to determine what your current DC password is. There are two ways of doing this.
Generating Via CLI :
If your box has outbound internet access you can run a single command in order to generate a diagnostic package. To do so log into your Data Collectors CLI and run the fmos mkdiagpkg command. It will automatically generate the package for you (note it may take some time) and when prompted select the option to export to FireMon (no support ticket necessary. One it uploads we will have all the information needed to get you the current password.
Generating via the SCP:
The other way of doing this is to generate the diagnostic pack via the Server Control Pannel. To access the SCP you can search it up in a web browser, and amend your current https address with a :55555 port specifier.
From there select the Diagnostic Package tab, and create a ticket via filling out the Ticket/ID field and hitting create. One it finishes running you can download the PKG directly, and ask you FireMon engineer to give you the SCP location to manually upload it to our servers.
Once your engineer has that package, your engineer can get you the current password.
Step Four: Resetting Password Via the API
Now that the Diagnostic package has been received, your engineer should be able to send you the current password of your DC. Once you have received it you can navigate back to the API, and under the user section select the PUT /domain/{domainId}/user/{id}/password call. Next please enter in your accounts domainId and id (note if you do not know you IDs, they can be found in the response body of your earlier user call), then the password that your engineer has given you. Once you have all of that hit Try it out! To apply the new password to the account.
Step Five: Unlocking the account
Now that the password has been applied, all you have left to do is to unlock the user account. To do so under the user section of the API please navigate to PUT /domain/{domainId}/user/{id}/unlock call. Once there please enter in the domainId, and the id of the DC account, and select Try it out! to run the call. Once this is done your DC account should now be operational and running again.
Step Six: Validating unlock
Now please run the Get/user call again, this time you should see the locked variable in the response body set to false. This confirms that your user account is now unlocked, and your DC should now be able to receive retrievals.
Comments
0 comments
Please sign in to leave a comment.