Database Remote Access issue

[vaio1]

Hi Guys,

if I try to connect my pc by a simple database client from a remote location to a database previously configured in ISPConfig with the Remote Access option enabled I get an error message:

SQLSTATE[28000] [1045] Access denied for user 'myuser_adm'@'webserver.mydomain.com' (using password: YES)

If I try to delete in the textbox "Remote Access IPs" the automatic IP set, the IP remains the same.

How have I to solve it?

thanks

[vaio1]

Hi Guys,

I have found a bug in ISPConfig.
Updating ISPConfig to the last version of the software I have noticed that the database users have the password hidden with the MD5 method.

The problem are the old users who have a clear password!

The upgrade doesn't update the clear passwords to the MD5 password.

Another bug is the check of the Remote Access Control. ISPConfig doesn't update the preferences set in the administration control panel.

I cannot share the user database credencials but I can tell you that some of these credencials in the web_database_user have not a password encrypted.

Please this is really important to solve.

thanks

[till]

Quote:

I have found a bug in ISPConfig.

Thats no bug and nothing that requires a change at all. The encryption has been changed and it is implemented in a way that does not require to alter any old records. We just decided to save passwords in encrypted form for mysql users now. Just for your info,Plesk stores them still in plaintext.

Quote:

Another bug is the check of the Remote Access Control. ISPConfig doesn't update the preferences set in the administration control panel.

Which remote access control? You mean remote users in the System module? If I edit and save them, changes are saved fine on my server.

[vaio1]

I am talking about the bug that doesn't update the old plaintext password to the new md5 password. ISPConfig has created a little bit confusing in the records of the mysql table mentioned above.

Yes, remote connection checkbox preference is not saved.

thanks

[till]

Quote:

I am talking about the bug that doesn't update the old plaintext password to the new md5 password.

Thst intended and not a bug. I explained that already.

Quote:

ISPConfig has created a little bit confusing in the records of the mysql table mentioned above.

No. Its exactly as it should be.

Quote:

Yes, remote connection checkbox preference is not saved.

You still did not explain about which form you are talking here.

[vaio1]

If this promiscous credencials methods are not the problem why deleting and recreating the user attached to the database solve the problem?

Code:

You still did not explain about which form you are talking here.

Go to the administration panel > Web sites > Database > Select a database > Remote IPs checkbox

[till]

Quote:

If this promiscous credencials methods are not the problem why deleting and recreating the user attached to the database solve the problem?

This is not related. And as I explained above, the way to store mysql passwords has been changed. Older ispconfig versions stored them in cleartext like plesk handles it and newer versions stores them encrypted.

Quote:

Go to the administration panel > Web sites > Database > Select a database > Remote IPs checkbox

Make a bugreport for it then we will check it.

[rickyaliasgar]

Try remotely accessing your computer using remote support tool such as logmeinrescue, gosupportnow, GoToMyPC etc. and check whether it works or no.