Network Management

Hi there!

Since our IMC host got the new E0403P10 patch installed, it fails fetching backups of the configuration files from many devices. It seems like IMC "fails to execute script" on all devices that require a super password (which are Ciscos in this case) for privileged access, using either SSH or Telnet.

So could it be that something's got messed up with the corresponding scripts in this patch? And is there anything I can do to get this working again, whithout having to change login credentials on all the (hundreds of) devices?

The error prompt looks like IMC does not deliver the "enable" command and tries to get the files in unprivileged user level:

Using username 
[...]
Using keyboard-interactive authentication.
Password:

mgmt>
mgmt>copy startup-config tftp:
       ^
% Invalid input detected at '^' marker.

mgmt>show startup-config
             ^
% Invalid input detected at '^' marker.

mgmt> 

Kind regards,

Johannes

I had silimar issues after upgrading to P04/P06. Some scripts were changed in the P04 patch.

See this thread: Deploy-Configuration-Fails-since-E0403P04

I had this confirmed with HP and they will fix the scripts in the 7.3 release which is scheduled for October.

/ Rikard

Thank you for that hint, Rikard!

After reading your thread, I've "diff"ed the script location from P06 and P10. I've found two changes that cause problems.

One problem appears in file <IMC>/server/conf/adapters/ICC/Cisco/CiscoIOSGeneric/enter_enable.tcl, which was changed like this:

                     old file                    |                        new file
[...]

# If the user can't login to enable, try to succe|# If the user can't login to enable, try to succe
if { $execAccessOnly == "true" } {               |if { $execAccessOnly == "true" } {
    set enable_prompt $exec_prompt               |    set enable_prompt $exec_prompt
} else {                                         |} else {                                         
-------------------------------------------------|    expect {                                     
-------------------------------------------------|    $exec_prompt {                               
    send "enable\r"                              |    send "enable\r"
    set loop true                                |    set loop true

[...]

    if {$useTruePrompt != "false"} {             |    if {$useTruePrompt != "false"} {
        send "\r"                                |        send "\r"
        expect -re "\[\r\n\]+(.*?$enable_prompt)"|        expect -re "\[\r\n\]+(.*?$enable_prompt)"
        set enable_prompt $expect_out(1,string)  |        set enable_prompt $expect_out(1,string)
-------------------------------------------------|    }                                            
-------------------------------------------------|                                                 
-------------------------------------------------|    }                                            
-------------------------------------------------|                                                 
    }                                            |    }
}                                                |}

After restoring the old file on the server, the backups work again on almost all Cisco devices.

There were addinional problems concerning Nexus 7010 routers, which got fixed using the previous version of <IMC>/server/conf/adapters/ICC/Cisco/CiscoIOSGeneric/initialize.tcl

Thank you for help! :)