2.9 beta Free PBX Login

I upgraded the framework to 2.9.0 beta 1.2 on Sunday and now my password for the FPBX login is not being accepted. I don’t know if the two occurrences are related, has anyone else experienced problems?

I have tried changing the freepbx password but that has not resolved the problem, I still cannot log in to the GUI.

I am having the same issue. Upgraded from 2.7 > 2.8 > 2.9, cannot login with default login/pass (i hadnt changed it, this is a fresh install). I followed the directions above with no luck. I will open a ticket if you like - until then I will assume I did something wrong and wait for a reply.

sounds like you were probably using your database credentials to login and there is a valid user/password that you may not be aware of.

you can remove authentication by typing:

amportal admin auth_none

and then go in and figure out who the admin user is or create a new one. The turn authentication back on either in the Advanced Settings or with:

amportal admin auth_database

Fantastic, this did it, although I am not sure why. I appreciate the fast response.

I just upgraded to 2.9 on 5/6/11 17:00 CST and had the same symptoms as above. I was able to get into my system after following the instructions as well after spending about 6 hours making sure all was good.(Thank you) I noticed that if you log out and then try to log back in that you aren’t prompted for the user id and password unless you close your browser and then re-open. This happens on IE8 and Firfox 4. Also I noticed that the FOP is still enabled after disabling. Let me know if I can help with providing any more information.

Thx

Phillipe

Yesterday I upgraded another box to the 2.9 Beta and everything worked just fine afterwards, the old password and username continued to work and everything looks right in the GUI.

T

raulruben,

you should file bugs when you see such issues. This was suppose to be fixed, it looks like all the logic except the actual fix was added :frowning:

This needs to be put in:

Index: migrate_ampconf.php
===================================================================
--- migrate_ampconf.php	(revision 11662)
+++ migrate_ampconf.php	(working copy)
@@ -107,6 +107,7 @@
   if (DB::IsError($admin_users) || !$admin_users) {
     out(_("setting AMP_ACCESS_DB_CREDS to true"));
     out(_("[WARNING] this is a security risk, you should create an admin user and disable this vulnerability."));
+    $current_amp_conf['AMP_ACCESS_DB_CREDS'] = true;
   } else {
     out(sprintf(_("%s admins"),$admin_users));
   }

It would be helpful if you have logs from the upgrade to see if at least the proper logic was followed and the messages above were spit out. It should at least have detected the situation.

I added a ticket #4929

btw - there are options in amportal to get back in, ‘amportal help’ to see them.

I had the same problem and went to the database … changed AUTHTYPE to none … anyway I did exactly what he did and it now seems to be working fine. Thanks

We had not changed the default user or password … and it would not let us in with the default user and password. We were locked out until we did the above.

Just wanted to clarify as the ticket seems to imply that this only happens when there is another username and password.

I also want to thank everybody for helping … we run an office with a call center … and we know a much bigger call center … all using asterisk and freepbx. You guys are great!!! Keep up the good work.

Phillipe

Very many thanks for your prompt attention to the issue. I look forward to the solution.

T

I’ve added the ticket: #4847

please file a bug per the request.

You did two things. First you changed to ‘none’ for authtype which let you back in.

Next, you opened a ‘back door’ that used to be the default, which is to allow you to login to the GUI with your database credentials. That has been changed to be disabled by default as it presents a potential security issue since a lot of people unfortunately leave their servers open to the web and don’t ever change the default values.

Phillipe

I went to the freepbx_settings table and found AUTHTYPE was set to database, I edited this to none and was then able to get into Freepbx without security.

Once in I looked through Advanced Settings and changed Allow Login With DB Credentials from False to True. I then went back to the database and changed AUTHTYPE back to database.

Now security has returned and I can log in with my normal username and password.

I am not quite sure what the significance of what I have done is. Could you give me some insight?

Once it’s none it is controlled by apache (if controlled at all).

You can check in the freepbx_settings table in the database to see if the change took, you will clearly have to make a pass through a page load for that to happen.

You can try running retrieve_conf from the CLI (sudo -u asterisk /var/lib/asterisk/bin/retrieve_conf ) as that should force bootstrap to run and change any needed settings.

Phillipe

I followed your instructions and yes, AUTHTYPE type was set to database and I changed it to none but am still unable to get in.

T.

could be a ‘migration’ issue, if so, we probably need to report a bug.

In the past FreePBX defaulted to ‘none’ for AUTHTYPE in amportal.conf. We switched that to ‘database’ because of security.

When set to ‘none’ then most people are using http authentication.

My theory is that you were previously ‘none’ but not set at all in the amportal.conf file. When you migrated, since we did not find a previous setting, we set it to the new default, and thus you can’t get in.

Try the following:
[list]
[] chown root:root /etc/amportal.conf
[
] chmod 640 /etc/amportal.conf
[*] Edit /etc/amportal.conf and set AUTHTYPE=none
[/list]
now see if you can get it. Once you have, it should have changed you to ‘none’ and if so, then you should now go back and:

chown asterisk:asterisk /etc/amportal.conf

so that the new Advanced Settings are run out of the database.

If this ended up as your problem, please file a bug. We should address the lack of previous AUTHTYPE in amportal.conf as being set to the old default during migration in that case.

Thanks for following through on this if it is your problem.

Testing the distros for a new office deployment and was testing latest AsteriskNow - upgraded 2.7->2.8->2.9 and then could not login using the freepbx / fpbx - so still not resolved. Have just used the above workaround to regain control.

J

I just performed a fresh install on my dev machine using the tar ball downloaded from the main page (wget http://www.freepbx.org/freepbx-2.9.0.tar.gz) and could not login. I tried editing amportal.conf and set AUTHTYPE=none and that did not work. restarting amportal caused the value to be changed back to database.

The fix was to run “amportal admin auth_none”

Thanks… just what I was looking for :slight_smile: