We have had several reports recently of issues with customers not being able to authenticate to the plugin and the following error displayed in the corresponding plugin logs:
2021-04-09T12:30:51.2915673+01:00 [1.0.0.134] List`1 :: CREATE TABLE IF NOT EXISTS plugin_sophos_central_pld_pluginlog (`Id` INT,`UtcDate` VARCHAR(255),`FullVersion` VARCHAR(255),`MajorRelease` SMALLINT,`MinorRelease` SMALLINT,`MaintenanceRelease` SMALLINT,`BuildRelease` SMALLINT,`Class` VARCHAR(255),`StackTrace` TEXT,`ErrorId` INT,`Message` TEXT,`InnerException` TEXT,`ErrorType` VARCHAR(255));
Initially we were able to provide a work around to assign user classes and effective permissions to the Sophos Plugin Admin and Sophos Plugin User classes as described in our wiki article, However this may not work in all cases.
In working with Connectwise, we were able to identify what we believe to be the root cause as a change made on their side in release version 2021.1 that changes the way plugin applications connect to the Connectwise database.
Connectwise has also offered a support article on this issue as well (content copied below for easy access). However, at current it only covers on-prem installs. We are working to understand this change better and provide a more comprehensive fix for all versions in a future release.
Overview
ConnectWise Automate® On-Premises users often connect directly, or connect applications, to the MySQL database. Prior to Automate version 2021, on-premises partners could access the MySQL database with Automate user credentials. As of 2021.1, this is no longer possible. Because we do not support the direct use of the application database or applications that require it, we recommend creating a new MySQL user that will not interfere with MySQL users managed by Automate.
Qualifying Conditions
- ConnectWise Automate On-Premises
- MySQL Database
Recommendation
It is recommended to create a MySQL user that will not interfere with MySQL users managed by Automate. For creating MySQL creating users, please refer to the links in the Additional Resources section of this document.
To create the MySQL user:
- Connect to the MySQL database as a user with root access.
- Create a new MySQL user and add any necessary privileges or permissions.
- Save the user.
- Add the details of the new user to the Users table in the LabTech database:
- Add a row with a unique negative user ID (e.g., -10).
- In the name column, enter the username of the new user.
- Save the new record.
- Confirm the record is saved properly.
- Restart the database agent (ltagent service) to confirm the user has been added properly.
- If the user remains in MySQL after the database agent has been restarted, the user table record has been added correctly.
- If the user is removed from MySQL after the database agent restarts, you must re-add the user. Ensure that the username contains no specials characters or trailing or leading white spaces.
Additional Information
User table entries that are negative values cannot be used to log in to Automate. Automate will remove any MySQL users that are not in the User table or managed by Automate.
Additional Resources
The following documentation links for creating MySQL users and inserting data into tables have been provided for your reference.
- MySQL 5.7 Reference Manual: Adding Accounts, Assigning Privileges, and Dropping Accounts
- MySQL 5.7 Reference Manual: INSERT Statement
- BrightGauge Documentation: Add a User in SQLyog
This thread was automatically locked due to age.