Maximo maxsessions showing Server IP instead of Client IP

MAXSESSIONS table shows the current list of user sessions and also contains client Hostname and IP addresses. Depending on the implementation architecture of webserver, firewall, load balancer etc the  client IP in maxsessions table might show only the server IP all the time. This is due to the HTTP XFF header which may not be getting forwarded correctly for some reason.  In our case, one of our clients faced this issue and I had to forcibly set header using a rewriterule in HTTP server.

Go to the HTTP server directory. Usually something like <installation_path>/IBM/HTTPServer/conf/httpd.conf

Added the below lines in httpd.conf. Also make sure that the mod_rewrite.so and mod_headers.so mods are enabled in the same file and not commented out.

####### set "X-Forwarded-For" header as Client IP######

#set XFF header to get the Client IP address in Max Sessions table

RewriteEngine on

RewriteRule ^(.*) - [E=CLIENTIP:%{REMOTE_ADDR},L]

RequestHeader set x-forwarded-for %{CLIENTIP}e

I also had to set the maximo's system property mxe.system.usingLoadBalancer=1 which was 0 by default. It didn't require any restart only live refresh.

After making these changes just restart the webserver alone and changes would take effect and Client IP addresses started appearing correctly in Max sessions table. One more problem this solves is that sometimes due to multiple login attempts maximo can block that particular IP addresss. Earlier it would have blocked everyone's access to maximo. After fixing this, only that particular would get blocked.

Comments

Post a Comment

Popular posts from this blog

BMXAA6713E - The record could not be retrieved from the database. Error

Getting below error in Maximo System Logs [ERROR] [MAXIMO] [] BMXAA6713E - The MBO fetch operation failed in the mboset with the SQL error code 17006. The record could not be retrieved from the database. See the log file for more details about the error. java.sql.SQLException : Invalid column name at oracle.jdbc.driver.OracleStatement.getColumnIndexPrimitive(OracleStatement.java : 3810 ) at oracle.jdbc.driver.OracleStatement.getColumnIndex(OracleStatement.java : 3777 ) at oracle.jdbc.driver.InsensitiveScrollableResultSet.findColumn(InsensitiveScrollableResultSet.java : 268 ) at oracle.jdbc.driver.GeneratedResultSet.getObject(GeneratedResultSet.java : 570 ) at psdi.mbo.MboSet.getNextRecordData(MboSet.java : 3457 ) at psdi.mbo.MboSet.fetchMbosActual(MboSet.java : 2941 ) at psdi.mbo.MboSet.fetchMbos(MboSet.java : 2898 ) at psdi.mbo.MboSet.getMbo(MboSet.java : 2114 ) at psdi.app.common.purchasing.FldPurContractRefNum.validate(FldPurContractRefNum.java : 86 ) at psdi.mbo.MboVa...
Read more

Rebuilding Maximo Text Indexes due to Query performance issues

Image
Sometimes it is necessary to rebuild text indexes after database move or copy from Prod to other instances. IBM does have an article for Rebuilding Oracle Text Indexes . Basically this process drops all the domain indexes and recreates them.  These are the steps are just walkthrough with the same process in detail. 1. Follow the steps in the above article to remove any DBMS jobs Remove any occurrences of DBMS_JOB Determine how many DBMS_JOBS are running by executing this from SQLPLUS logged in as the schema owner: select job, substr(what,1,80) from user_jobs; For each result where "what" contains maximo_ts_job, execute the following commands: begin dbms_job.remove(####); commit; end; / Substituting one of the job numbers from the select for the ####. 2. Change the job  Change to use DBMS_SCHEDULER Recreate the job submission procedure and run it: CREATE OR REPLACE PROCEDURE maximo_ts_job_call AS BEGIN   dbms_scheduler.create_job(   job_name => 'MAXIMOTSSYNC', ...
Read more

List of things checked by Maximo Integrity checker

Maximo Integrity checker is a pretty useful tool to identify issues in Maximo database  Below are some of the things checked by integrity checker and the sample errors returned. 1. Extra tables in database which are not part of Maximo BMXAA0442W -- Warning - BMXAA0475W -- The following tables should be removed from the database because they do not exist in the schema: Sun May 30 12:08:47 GST 2021    APPLICATIONAUTH_BKP    DOCLINKS_POBKP    ABC_MIGR_TEST 2. Missing Indexes BMXAA0443E -- Error - BMXAA0465E -- The following indexes are missing from the database. Use the Database Configuration application to remove the index definition. 3. Missing user groups, invalid users etc BMXAA0455E -- The following users should be removed because they are not authorized. To correct this error, run the Integrity Checker in repair mode. BMXAA0458E -- The following user groups were not found in the MAXGROUPS table. Run the Integrity Checker in repair mode. 4. Invalid M...
Read more