i believe w/ ADK you should not be prompted for a username or passwd as that should be read from the kerberos ticket. are you having this problem in nsh on the same system where you can log into the gui ok ?
Bill, thanks for the response.
The GUI I'm using is the Server Automation Console 8.2.01.290 (thought I'd mention it to ensure we're talking about the same thing). I have to enter my password every time I login (Unless I save it).
In the GUI there is a certificate listed in the certificates section of the login screen. Also I'm using domain authentication as my authentication method. Below I've inserted two screens which show my setup. In the General tab I see "Authentication method used to acquire session credential: Active Directory / Kerberos password based user authentication."
Any idea what blcred / blcli commands I should be using?
blcred commands used were correct.
If I'm not wrong, from the screenshot, username is just "USERNAME". Can you make sure that you are using the same credentials through blcred that worked with GUI login?
Never mind, I was wrong. The way you provided input was correct for username, using domain authentication.
can you try: blcred cred -acquire -profile Main -username USERNAME
? (no domain)
Unfortunately it doesn't work without domain either and produces exactly the same error.
A colleague and BL admin was able to acquire a session using blcred on my machine, using the same commands as above.
So both of these things seem to indicate that I either don't have permission from the command line (strange that I do from the GUI) or that I'm not in some group on bladelogic.
The BL admin is looking into it. If anybody has any insight I'd be glad to hear it, otherwise I'll post back if the situation changes.
there shouldn't be any difference from you logging in from the gui vs logging in from the commandline. there are no separate permissions for that.
check your Profilename from ....\NSH\br\authenticationProfiles.xml file which one to use, the locally saved profile name is not the one which bl uses
The admin guys have mentioned something about a proxy that needs to be setup before I will have command line access. Not sure what they mean, because it seems to me that the GUI and the command line should use the same authentication method. Also they have command line access.
I'll wait and see and post back next week. Thanks for the suggestions guys.
the GUI makes a connection directly to the appserver. when you use NSH your system is making a directly connection to the target agent. in may environments this is not allowed or not possible, so in that case you can configure your nsh client to use the 'nsh proxy' which connects to a service running on the appserver. your role needs to be granted a specific permission (NSH_Proxy.Connect) and you need to have the 'C:\windows\rsc'secure' file modifed on your client system, along w/ the actual nsh proxy service setup on the appserver(s)