Automation needs to change the password (enforced)


after upgrading check_mk to 2.1.0p16, we need to change few passwords, only the automation user where I cannot change the password. The automation user is just used for API requests, I still tried to set a password for the user. But it doesn’t work. I tried to change the automation secret over WATO but it didn’t help, I tried also to use the cmk-passwd tool, but I still get the Error.

I get the following exception when using the automation user:

raise RuntimeError(pprint.pformat(resp.json()))\nRuntimeError: {'status': 401, 'title': 'automation needs to change the password (enforced).'}

Which password is actually ment, and how to change it?


It seems there was a password for the automation user in htpasswd. After reset it works fine again.

I had the same issue, but it still gives me the same error even after changing the password.

I tried using both cmk-passwd and WATO. I can see that the password has been updated in etc/htpasswd on all sites and now starts with $2, but still get the same error:

“Request failed with code 401 Unauthorized: automation needs to change the password (enforced).”

Try to change the automation account to Normal user login with password without setting a paasword and ensure to uncheck the Change password at next login or access option, save and activate changes. Then get back to the automation user and switch back to the option Automation secret for machine accounts and paste your know automation secret, save and activate changes.

Hope this helps.

Yep, that appears to have solved it for me.

1 Like