Jump to content

TNI scan ubuntu 20.04


Recommended Posts

Hi all,

may someone can help the problem. It's a fresh installation of Ubuntu 20.04

 

 (1 / 5)                               Status
-----------------------------------    ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
bkvirtcont1.BKDOM.LOCAL   Microsoft    Scan-Vorgang fehlgeschlagen: SSH: Error: Insufficient privileges to run the application.; SMB: Port offen, aber Protokoll übersprungen; VMWARE: Port offen, aber Protokoll übersprungen
 

Link to comment

Hi, Kevin.

Please let us know if you can connect to this Ubuntu machine via SSH using the same credentials that you have in the TNI scanner (in the SSH column).

In addition, please try scanning this system by running the linux agent manually. Copy the agent file tnilinagent_x64 from the TNI installation folder to this Ubuntu machine and run the agent using the following command:

chmod 755 tnilinagent_x64
tnilinagent_x64

Let us know if there is an error message in this case. The agent should generate an INV file in the same folder in a few minutes.

Link to comment

Hi Alex,

thanks for your reply.

This error is shown, I can only use the tnilinagent:

domainadmin@linuxtestvm:~$ chmod 755 tnilinagent
domainadmin@linuxtestvm:~$ sudo ./tnilinagent
./tnilinagent: line 42: /root/tmp.naT0kEB5Us/tnilinagent: No such file or directory
domainadmin@linuxtestvm:~$ ./tnilinagent
./tnilinagent: line 42: /home/domainadmin/tmp.BDZlztVXXN/tnilinagent: No such file or directory


It generate no INV file, may the agent is not uptodate? 
Is there a special folder this agent should be?

Any Idea what's the problem?

Authentication over SSH and PAM.
 

Edited by KevinTNI
Link to comment

Hi Kevin,

Such an error may occur if you run a 32-bit agent on a 64-bit OS. Are you sure that the OS version is not 64-bit? Otherwise, you need to use the tnilinagent_x64 agent version instead of tnilinagent.

If you are sure that the version of the agent is correct, please check if the agent is present in the folder, from which you are trying to run it.

In addition, you can also try executing the chmod command under the sudo account.

Let us know if the problem persists.

 

 

 

 

 

Link to comment

Hi Alex,

then I get this error:

domainadmin@bkvirtcont1:~$ sudo ./tnilinagent_x64
Error: Insufficient privileges to run the application.
domainadmin@bkvirtcont1:~$ ./tnilinagent_x64
Error: Insufficient privileges to run the application.

 

How can I give in Ubuntu the user privileges for this application?

Where I can download the current agent?
 

Link to comment

>Where I can download the current agent?
If you have the latest version of the program (4.9.0) installed, the current version of the agent is always located in the folder where the program is installed:
C:\Program Files (x86)\Total Network Inventory

Regarding the user privileges, have you tried the chmod command for the 64-bit version of the agent (before running the agent)?

chmod 755 tnilinagent_x64

 

Link to comment

Dear Kevin,

In this case, try running the agent file from your user's home folder.

If the problem persists, try running the agent as a local user with administrator rights.

Let us know the result.

Link to comment

Dear Kevin,

Yes. These are the latest versions of the Linux agents.

It appears that the mechanism that performs privilege checking does not work correctly with your virtual system. I've forwarded this information to our QA team.

Could you please check if you encounter the same problem on another VM or a physical Linux system?

Link to comment

Dear Kevin,

There may be a problem with the scanning agent. Please let us know how the VMs are configured so that we can reproduce the problem in our environment.
We need the following information:

1. Virtualization platform.
2. What do you use as a domain controller for the Linux VMs. How the connection to the DC is configured.
3. Additional packages installed on the VM and their configuration (related to authorization and domain).

Link to comment

Dear Alex,

1. Hyper-V
2. We use AD from Microsoft, it's configured with Kerberos / SSSD / PAM (install sssd heimdal-clients msktutil)
3. We only installed SSH access
4. Configuration

SSSD example:

[sssd]
services = nss, pam
config_file_version = 2
domains = nots.local

[nss]
entry_negative_timeout = 0
#debug_level = 5

[pam]
#debug_level = 5

[domain/nots.local]
#debug_level = 10
enumerate = false
id_provider = ad
auth_provider = ad
chpass_provider = ad
access_provider = ad
dyndns_update = false
ad_hostname = ubuntu-desktop.nots.local
ad_server = winserver19.nots.local
ad_domain = nots.local
ldap_schema = ad
ldap_id_mapping = true
fallback_homedir = /home/%u
default_shell = /bin/bash
ldap_sasl_mech = gssapi
ldap_sasl_authid = UBUNTU-DESKTOP$
krb5_keytab = /etc/sssd/my-keytab.keytab
ldap_krb5_init_creds = true

krb5.conf example:

[libdefaults]
default_realm = NOTS.LOCAL
rdns = no
dns_lookup_kdc = true
dns_lookup_realm = true

[realms]
NOTS.LOCAL = {
kdc = winserver19.nots.local
admin_server = winserver19.nots.local
}

Link to comment
  • 2 weeks later...
  • 2 months later...

Dear Kevin,

Sorry for bringning the bad news, but it turns out that solving this problem requires a major rebuild of the existing Linux agent. This task is currently postponed as it will take a significant amount of time to rebuild the agent from scratch.

We need more feedback to prioritize this task.

 

Link to comment
  • 4 weeks later...
  • 3 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...