Incorrect ncoprimary password

You can log in to the ncoprimary pod with an incorrect password.

Problem

When Data Encryption Standard (DES) encryption is used, only the first eight characters of a DES-encrypted password are read. Other characters are ignored. For more information, see Configuring the ObjectServer for user authentication external link icon in the Netcool®/OMNIbus documentation.

For example, go to the Red Hat® OpenShift® Container Platform UI. Select Workloads > pods and select the ObjectServer pod (ncoprimary). Go to the terminal and log in with an incorrect password.
/opt/IBM/tivoli/netcool/omnibus/bin/nco_sql -server AGG_P -username root -password omnibusa
If you enter a password with the correct first eight characters, for example omnibusa, you can log in to the ncoprimary pod, even though it is not the correct password, for example omnibusauto.

Resolution

As a workaround, change the password encryption type from DES to AES in the ObjectServer properties file in $OMNIHOME/etc directory. Set the PasswordEncryption property in the AGG_P.props file to AES.