After the update from “check-mk-enterprise-2.2.0p17_0” to “…2.2.0p18_0” our Agent-Register-Process broke and we get the error seen above.
The host only has the typical “TLS is not activated on monitored host”-Error, all other Services are “OK”.
The credentials didnt change and we tested it with another account (with “Normal user login with password”), wich had the roles “Administrator” and “Agent registration user”. The outcome was the same.
The powershell we used on the client to register is found below:
hey, thank you for your quick answer!
i solved it yesterday short before i went home, so im gonna share my findings for you guys:
TLDR: create the following file with the cleartext-password of the default “automation”-User (even if u use another user in the agent-register script):
“/omd/sites/YOURSITE/var/check_mk/web/automation/automation.secret”
Detailed Version:
checkmk seems to use 2 checkMK-Users:
“automation”-User
the user you use in ur agent-register-script
and even if you dont knowingly use the automation-user, its pw is used in the file: “/omd/sites/YOURSITE/var/check_mk/web/automation/automation.secret”
so if u get the “Request failed with code 401 Unauthorized: Unauthorized - Details: Wrong credentials (Bearer header)”, it means u have the wrong pw in the mentioned file
and if u get the “Request failed with code 500 Internal Server Error: Internal Server Error” it means, that the file “/omd/sites/YOURSITE/var/check_mk/web/automation/automation.secret” is not even created.
i hope it helps someone else save some time.
Best Wishes!
I’m having the same error as OP. I’ve verified that there was a password in the automation.secret file. I regenerated the automation user password and updated the automation.secret file to match. I continue to get the same result, whether I specify my normal agent registration user, or the automation user. I’m running the command as follows, from the Windows machine I’m trying to register: