AIQUM acquisition unit receives authentication error even though correct credential is set
Applies to
- Active IQ Unified Manager (AIQUM) 9.12 and later
- ONTAP 9.6 and later
- Enabled Mutual Transport Layer Security (mTLS / Mutual TLS) for ONTAP cluster
Issue
- Even though a cluster credential is correct, acquisition unit is unable to collect data from ONTAP due to authentication error
- AIQUM DASHBOARD shows
Cluster discovery failed. Rediscover the cluster after resolving the issue. Operation State isFailedforHealth Polloperation in STORAGE MANAGEMENT > Cluster Setup for existing clusters- Event
Cluster Monitoring Failedis triggered
au.log:
ERROR [common-pool-XX] c.o.s.a.d.n.t.z.ZAPIConnection (ZAPIConnection.java:629) - [netappfoundation] <cluster_name> - while executing ZAPIs on datasource: <cluster_name> IP: <cluster_ip> for ZAPI: system-get-version, netapp.manage.NaAuthenticationException: Authorization failed netapp.manage.NaAuthenticationException: Authorization failed
:
ERROR [common-pool-XX] c.o.s.a.f.d.BaseDataSource (DataSourceErrorException.java:246) - cluster1 [Invalid login credentials] - Failed to log in to the cluster: <cluster_name> ([Device name <cluster_name>]: Failed to login to the cluster.)
ocumserver.log:
WARN [oncommand] [reconciliation-0] [c.n.d.c.ClusterStatusListener] Acquisition Failed for cluster : <cluster_ip> message : [Device name <cluster_ip>]: Failed to login to the cluster.
WARN [oncommand] [task-scheduler-7] [c.n.d.e.p.e.b.MtlsClusterCertificateValidityEventTypeController] Expiry of MTLS certificate for the Cluster is not set
/etc/log/mlog/apache_logs/apache_error.logof ONTAP cluster shows authentication error for user null:
[auth_basic:error] [pid <pid>:tid <tid>] [client <AIQUM_IP>:<port>] AH01617: user null: authentication failure for "//servlets/netapp.servlets.admin.XMLrequest_filer": Password Mismatch