ich habe vor 2 Tage Opsi auf meinem UCS System installiert. Die Installation lief auf der neusten Version 4.4.7 durch inkl. Domainbeitritt.
Bei UCS muss man die User, die sich einloggen können sollen, in die Gruppe "Opsiadmin" packen. Das habe ich getan. Der Administrator ist schon in der Gruppe gewesen.
Wenn ich nun versuche mich einzuloggen, laufe ich auf einen Timeout.
Habe nun schon ein paar Dateien geprüft, die ich aus anderen Beiträgen gefunden hatte:
acl.conf
Code: Alles auswählen
backend_deleteBase : sys_group(opsiadmin)
backend_.* : all
hostControl.* : sys_group(opsiadmin); opsi_depotserver
host_get.* : sys_group(opsiadmin); opsi_depotserver; self; opsi_client(attributes(!opsiHostKey,!description,!lastSeen,!notes,!hardwareAddress,!inventoryNumber))
auditSoftware_delete.* : sys_group(opsiadmin); opsi_depotserver
auditSoftware_.* : sys_group(opsiadmin); opsi_depotserver; opsi_client
auditHardware_delete.* : sys_group(opsiadmin); opsi_depotserver
auditHardware_.* : sys_group(opsiadmin); opsi_depotserver; opsi_client
user_setCredentials : sys_group(opsiadmin); opsi_depotserver
user_getCredentials : opsi_depotserver; opsi_client
.*_get.* : sys_group(opsiadmin); opsi_depotserver; opsi_client
get(Raw){0,1}Data : sys_group(opsiadmin); opsi_depotserver
.* : sys_group(opsiadmin); opsi_depotserver; self
Code: Alles auswählen
[groups]
fileadmingroup = opsifileadmins
[packages]
use_pigz = True
opsiconfd.conf
Kann mir da jemand weiterhelfen?Code: Alles auswählen
; = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = ; = configuration file for opsiconfd = ; = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - global settings - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [global] # Location of the backend config dir. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # backend config dir = /etc/opsi/backends backend config dir = /etc/opsi/backends # Location of the backend dispatcher config file. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # dispatch config file = /etc/opsi/backendManager/dispatch.conf dispatch config file = /etc/opsi/backendManager/dispatch.conf # Location of the backend extender config dir. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # extension config dir = /etc/opsi/backendManager/extend.d extension config dir = /etc/opsi/backendManager/extend.d # Location of the acl file. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # acl file = /etc/opsi/backendManager/acl.conf acl file = /etc/opsi/backendManager/acl.conf # Admin networks. # Comma separated list of network addresses from # which administrative connections are allowed. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # admin networks = 0.0.0.0/0 admin networks = 0.0.0.0/0 # Location of the pid file. # Opsiconfd needs to be restarted for changes to take effect. # # Default: # pid file = /var/run/opsiconfd/opsiconfd.pid pid file = /var/run/opsiconfd/opsiconfd.pid # Location of the log file. # The macro %m can be used to create use a separate log file for # each client. %m will be replaced by <client-ip> # Leave empty to use syslog. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # log file = log file = /var/log/opsi/opsiconfd/%m.log # If separate log files are used and this option is enabled # opsiconfd will create a symlink in the log dir which points # to the clients log file. The name of the symlink will be the same # as the log files but %m will be replaced by <client-fqdn>. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # symlink logs = yes symlink logs = yes # Set the log (verbosity) level # (0 <= log level <= 9) # 0: nothing, 1: essential, 2: critical, 3: errors, 4: warnings, 5: notices # 6: infos, 7: debug messages, 8: more debug messages, 9: passwords # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # log level = 5 log level = 5 # Set the log format # Macros: # %D: current time # %T: thread id # %l: log level (0..9) # %L: log level (name) # %M: the message # %F: filename # %N: linenumber # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # log format = [%l] [%D] %M (%F|%N) log format = [%l] [%D] %M (%F|%N) # Limit the size of logfiles that are either read or written through # an opsi backend. # Setting this to 0 will disable any limiting. # If you set this to 0 we recommend using a proper logrotate configuration # so that your disk does not get filled by the logs. max log size = 5MB # Maximum number of execution statistics to store in memory. # Execution statistics can be written to the log file by sending # a SIGHUP to opsiconfd. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # max execution statistics = 250 max execution statistics = 250 # The User for opsi-Nagios-Connetor. # # Default: # monitoring user = monitoring monitoring user = monitoring # Monitoring Debug switch. If switch is not true, monitoring # will not be logged. # If the switch is true, the global loglevel from opsiconfd is # used for logging monitoring # # Default: # monitoring debug = false monitoring debug = false ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - service settings - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [service] # The network interfaces to bind to. # This must be the IP address of an network interface. # Use 0.0.0.0 to listen to all interfaces # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # interface = 0.0.0.0 interface = 0.0.0.0 # The port where opsiconfd will listen for HTTP requests. # Use 0 to disable HTTP protocol # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # http port = 0 http port = 0 # The port where opsiconfd will listen for HTTPS requests. # Use 0 to disable HTTPS protocol # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # https port = 4447 https port = 4447 # The location of the server certificate. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # ssl server cert = /etc/opsi/opsiconfd.pem ssl server cert = /etc/opsi/opsiconfd.pem # The location of the server private key # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # ssl server key = /etc/opsi/opsiconfd.pem ssl server key = /etc/opsi/opsiconfd.pem # Ciphers that are accepted by the service when creating an # encrypted connection. # # Please refer to the OpenSSL manual for more information about # ciphers. # # Default: # accepted ciphers = accepted ciphers = ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - session settings - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [session] # Session name used in the session cookie. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # session name = OPSISID session name = OPSISID # If a client uses its fqdn and opsi-host-key for authentication, # opsiconfd will try to resolve the fqdn (username) by a system call. # If there is no result or the resulting IP address does not match # the client's address, the access will be denied. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # verify ip = no verify ip = no # If set to yes a client's ip address will be updated in the opsi database, # when the client connects to the service and authentication is successful. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # update ip = yes update ip = yes # The interval in seconds after an inactive session expires. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # max inactive interval = 120 max inactive interval = 120 # The maximum number of authentication failures before a client ip # is blocked for an amount of time. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. # # Default: # max authentication failures = 5 max authentication failures = 5 # The maximum number of sessions that can be opened through one IP. # # Default: # max sessions per ip = 25 max sessions per ip = 25 ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ; - static directories - ; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [directories] # Every option value pair (<resourcename> = <path> [(options)]) has to consist # of a resourcename and a path to a local directory. # The URL http(s)://<server>:<port>/<resourcename> will give # access to the content of <path>. # Opsiconfd needs to be reloaded (SIGHUP) for changes to take effect. / = /usr/share/opsiconfd/static (noauth) configed = /usr/lib/configed (noauth)
Grüße