Hey, long time since our last chat. I now have a problem with deleting a section on my 1.6 phpipam, the options next to it do not appear at all(no recycling bin or anything). Should I do something through the DB directly ? Thank you.
Hello @user-en9ox9gn2o, Before accessing the database, please confirm you have the necessary rights to modify the section. With your current account, check if you are the default phpIPAM admin. If not, ensure your account is at least an Administrator. You can verify this in Administration --> Users. Look for your user account and check the Role. If the role is not Administrator, but something like User, you likely won’t be able to delete a section. You will need to login with an account that is an Administrator or modify the group permissions on the section to allow your user account to delete the section.
Hello @mcand0, thank you for watching my video. Please take a look at my video, "php{IPAM} setting up a Linux Cron job for discovery and host health status" see if that meets what you need. Have a great day.
Hello @fhariqaulady3595 if I understand your question you want to discover a host using php{IPAM} that is installed on Docker right. If this is the case if you set up Docker correctly you should be able to add the subnet that you want to scan and discover the host in there. I am assuming that you have setup networking correctly in Docker to achieve that. One thing to try is can you ping the host from within the docker instance of php{IPAM}. If you can ping it then you should be able to discover the host. Have a great day!
Thank you very much for your videos, they are very good, I have a question, is there any way to make the scans automatically ? in case if you have any video ? I would love to scan the network and alert me when it detects a new device.
Hello @Walter.Vicari, So I don't have a specific video that covers your ask, which probably means I should make one. To start with look at my video php{IPAM} setting up a Linux Cron job for discovery and host health status. This shows you how to create the cron job needed for automatic discovery, and then you need to enable Mail State changes" and optionally you can enable "Mail changelog", in the config.php file make sure the following property is set to true, "discovery_check_send_mail" = "true". If you want MAC addresses and further I am working on a new video covering the SNMP feature, I will try to weave your ask into it. At present (as of this writing) it has not been released as I am on holiday, it may be out next week.
Thanks for your very helpful videos! Is it also possible to add the MAC addresses of the discovered IP-Addresses? I mean not manually but automatically by a scan. Sorry if this is a stupid question, I started with phpipam this week.
Hello @oliverkrause2387 the quick answer is yes, you need to enable the SNMP feature in the admin panel, also you need to install snmp on your server. Now since I do not have a video for the rest there is some setup needed to make sure this works, there also is an API. I think I will create a video on this now that I think about it. I havent done this setup in a while so give me a little time.
Hello again @riccardo2169, would you mind typing the following command at the cli without the quotes, "cat /etc/os-release" , and "lsb_release -crid" and posting the results. I am a little rusty at Debian, so bear with me.
Hello @user-tc7ch6mz2q, you need to enable Thresholds and Changelog. Unfortunately this can get quite chatty so you may need to get some email rules around this. Thresholds does not enable email, changelog does. If you just enable Threshold it only enables the dashboard so if you go to the home screen and then look to the right and click on the customers icon, and on the left select Threshold you will get the visual of your breeched Thresholds. Hope this helps have a great day!
Hi @user-en9ox9gn2o yes but test it first. If your new server is 1.6 and has nothing in it go ahead and do that. The best method would be to use the phpipam migrate method. On your source server from the command line do a dump of the database and migrate the file to the new server to folder /var/www/html/db/, make sure the name of the file is MIGRATE.sql. Next and I am assuming that the server is in new install mode, go to your browser and open and you should get the welcome to phpipam installation wizard. Select 2 Migrate phpipam installation and follow the prompts. Hope this helps, have a great day.
Hi thanks for the answer, i am planning on testing it by dumping the old one and importing it to the new one. Because I already installed the new phpipam and the option for migration is not available.Great video by the way. 😁
Thank you I appreciate the kind feedback. If the 1.1 has the import export feature you may want to explore the Data set export from 1.1 and import on 1.6 this feature is in the top area of import export under administration. Good luck and have a great day.
I tried it but got this message: Database upgrade check-Your phpipam is too old to be upgraded, at least version 1.4 is required for upgrade. What would you suggest to do in this case. Is there any easy solution to this.
Hello again so this is possible however I am not sure about your case 100 percent but this may be a path forward for you. I built a current lamp stack that I would build for phpipam in my lab. Next I downloaded from sourceforge, sourceforge.net/projects/phpipam/files/, phpipam-1.1.tar and installed like I would normally for phpipam 1.5 or 1.6. I didn't care to use the webserver just the database, I modified a few fields via the database command line to see if and upgrade would work I added a section to the sections portion of the database. In your case you would take your database and install to a new test server. Subsequently I followed this method to upgrade, using git I went from 1.1 db version to 1.3.2 then 1.4, then 1.5 and finally to 1.6 the process is pretty basic. I found errors when I tried to skip over so I just went through and updated incrementally. Below are my notes on the upgrade process. So starting with version 1.1 I untared the files from source forge into /var/www/html and added the database into mysql as per the install instructions in 1.1. Then I deleted everything under /var/www/html/ and proceeded to upgrade. Next from the cmd line perform the following cd / git clone --recursive github.com/phpipam/phpipam.git /var/www/html/ cd /var/www/html/ git checkout -b 1.3.2 origin/1.3 under /var/www/html cp config.dist.php config.php confirm settings for db user and password open web browser and go to server click upgrade phpipam database Reset password Go back to webmin delete everything under /var/www/html/ Next from cli cd / git clone --recursive github.com/phpipam/phpipam.git /var/www/html/ cd /var/www/html/ git checkout -b 1.4 origin/1.4 under /var/www/html cp config.dist.php config.php confirm settings for db user and password open web browser and go to server I got message here that it did not like my version of php as I was on 8.3 dnf module reset php dnf module install -y php:remi-7.4 refreshed webbrowser and database upgrade screen came up click upgrade phpipam database Go back to webmin delete everything under /var/www/html/ Next from cli cd / git clone --recursive github.com/phpipam/phpipam.git /var/www/html/ cd /var/www/html/ git checkout -b 1.5 origin/1.5 under /var/www/html cp config.dist.php config.php nano config.php change host to 'localhost' this is a change from previous files open web browser and go to server prompted to login click upgrade phpipam database Database upgraded successfully! Go back to webmin delete everything under /var/www/html/ Next from cli cd / git clone --recursive github.com/phpipam/phpipam.git /var/www/html/ cd /var/www/html/ git checkout -b 1.6 origin/1.6 under /var/www/html cp config.dist.php config.php nano config.php change host to 'localhost' Savage at cli do dnf module reset php dnf module install -y php:remi-8.3 open web browser and go to server prompted to login click upgrade phpipam database Database upgraded successfully! Hopefully this works for you! I will try to do a video for this in a few days. Have a great day!
Hello @federicospadaro Check out my video, Rocky Linux 9 Lamp Stack with Webmin it goes over how to install Here are just the commands to get webmin installed. **** Download the current version of Webmin with the command: wget www.webmin.com/download/webmin-current.tar.gz **** Unpack it with the command: tar xvf webmin-current.tar.gz **** Create a directory for Webmin with: sudo mkdir -p /usr/local/webmin **** Configuration of Webmin sudo ./webmin-2.110/setup.sh /usr/local/webmin/ **** Finally open the firewall with the commands: sudo firewall-cmd --add-port=10000/tcp --permanent sudo firewall-cmd --reload
Hello @3001alam , here are the commands to reset the MariaDB root password First stop MariaDB (MySQL) daemon if it is currently running CMD: systemctl stop mariadb Next run MySQL safe daemon with skipping grant tables CMD: mysqld_safe --skip-grant-tables & Login to MySQL Server as root with no password CMD: mysql -u root mysql Next run an UPDATE query to reset the root password In Mysql type: UPDATE user SET password=PASSWORD("<a new password>") WHERE user="root"; Next type: FLUSH PRIVILEGES; Stop and restart the MariaDB daemon systemctl stop mariadb systemctl start mariadb
@@thetechguysguide Thank you so much. Now I have another issue: after resetting the password, no longer get access with New password. I can't have the login page; it showing as phpipam installation wizard page. # mysql -u root -p Enter password: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
Okay try the following notice there are some new steps First stop MariaDB (MySQL) daemon if it is currently running CMD: systemctl stop mariadb Next run MySQL safe daemon with skipping grant tables CMD: mysqld_safe --skip-grant-tables & Login to MySQL Server as root with no password CMD: mysql -u root mysql Do a flush privileges first CMD: FLUSH PRIVILEGES; Next run an UPDATE query to reset the root password In Mysql type: ALTER USER 'root'@'localhost' IDENTIFIED BY 'new_password'; Next type: FLUSH PRIVILEGES; exit Stop and restart the MariaDB daemon systemctl stop mariadb systemctl start mariadb Also you will need to update the config.php file with the new password you put in above It is located here /var/www/html/config.php on line 9 look for this $db['pass'] = '' you will need to update this with your new password.
Hello and thank you for watching my video, @3001alam. To answer your question, the database contains everything in phpIPAM, so that includes everything that you input into phpipam, like devices, subnets, vlans etc. as well as how you configured phpipam like settings and preferences through the web interface.
Hello, is there a way to give access to a user only to a specific folder? And hide all other folder? Is there also a way to copy subnets from a section to an another?
Hello @riccardo2169 thank you for watching my video. To answer your first question, is there a way to give a user access to only a specific folder and hide all others. Yes there is, I am going to answer this based on the default config out of the box since I can't do screen shots here. So first go to Administration --> Groups --> Create Group --> Call it test1234 --> Next go to Administration --> User -- Create User --> tjones in my case Fill out upper half to your preference scroll down where groups is click/add test1234 --> Set all module permissions to read you can set later to your preference. Save --> On the left Pane after creating your user tjones in group test1234 look for Sections, look for Customers --> Click Pencil on far right to edit. --> Under Permissions test1234 should be na select ro, change delegate to no and select edit/save. --> Click house button upper left ---> Next highlight Subnets --> Click Customers --> find My folder (under subnet title) --> look to the far right where there is the pencil, hamburger and the X select the one in the middle, Hamburger --> you should see the group test1234 currently set to na, set it to ro for now change to your preference later, select no for do not propagate changes --> click Set permissions (to save)--> Next move down to 10.10.2.0/24 look to far right and find the hamburger as previously described. --> set group test1234 to ro. This should set your test user tjones to Read Only and only be able to see the subnet 10.10.2.0/24 in folder My Folder under Customers. Hope this helps, fyi I probably will create a video for this since. As for your second question can you be a bit more descriptive as to what you want to do? Thanks and have a great day.
Hello again as for your second question, can you be a bit more descriptive as to what you want or are trying to do? Is it that you want different sections to see the same subnets?
I had noticed a couple of weeks ago that RIPE Import not works. I assumed that my installation was faulty. Thanks for confirming that all is ok on my side.
@grokit Thanks for watching my video! Have a great day and consider creating a ticket on Git, you should see your errors if you installed following my video in the /var/log/php-fpm folder and see the error message in www-error.log
Your videos are great wondering if you could release one going through the SNMP features and what that brings back. I have set devices up and tested them and it says successful but what next
@donor0kebab Hello I have gone back and forth on the SNMP module and with the current release it does not work as it is supposed to I get Jquery errors. I reverted back to 1.5.3 same issue, I see others in git seem to be having an issue when I get a chance I will try on Ubuntu but I doubt that is is the issue. Sorry.
Hello @theoerrobat Thank you for watching my video. So if I understand your question you have already created the crt and key files and are asking where to place them. If you are using RockyLinux 9 you would place them into /etc/pki/tls/certs/. Also on your server did you install mod_ssl to support using certificates. Command to install dnf -y install mod_ssl
Take a look at this on haproxy's website. It is not exactly the same as your configuration but may point you in the right direction. discourse.haproxy.org/t/help-with-getting-https-working-through-phpipam-docker-using-haproxy/6585
Thanks for the video. Do you happen to know if the function "RIPE import" is supposed to work? And if yes, how to make it work? In my case, I always get jQuery error! Internal Server Error Status: error Error: Internal Server Error Any idea?
@grokit Hello and thanks for watching my video. So first off yes it does work but in 1.5.3, it seems broken in 1.6.0. In my test lab l was able to successfully pull from my 1.5.3 server, on my 1.6.0 server it is showing php fatal errors and failing as you describe. You may want to check that you have internet access and also that you have selinux properly configured. Hope this helps, have a great day.
So I am finding that there seems to be an issue with TLS integration and it is taken me some time, and at this time I am not able to create the video. I am going to have to work on it when I get more time, sorry I was not able to help.
Hello, Thanks for your video. It's pretty good. I have just one question. What is the possible solution to enter the DHCP range, who is just the party of range ?
Thank you for watching my video. So if I understand your question you have a subnet lets say 192.168.0.0/22 which has a usable range of 192.168.0.1 - 192.168.3.254 and you only want to have a portion of the range setup to scan and do discovery checks lets say 192.168.0.0/30. What you could do is nest the subnet whereby you would create a master subnet and then create subnets beneath it. Check out my video on php{IPAM} Setting up a new Section and creating nested IP Subnets, you would follow this format to create a top level and nest beneath. I hope this answers your question have a great day.
Hello , i follow along your tutorial , im maybe missing something but i get the following error : GoogleAuthenticator submodule missing. and i don't know how to correct it . Good work ty
Hello and thank you for watching my video. It sounds your GoogleAuthenticator folder is missing or not installed. It is located under, if you installed following my videos instructions, under /var/www/html/functions/GoogleAuthenticator/. If it is not installed then I would suggest fixing by either copying down that folder from GIt or trying a clone from git at the root of you installation for instance cd /var/www/html/ then do a git clone --recursive github.com/phpipam/phpipam.git. Please note before doing this take a backup of your server and database and folder. Good luck!
I believe you had a question about users and ldap and populating them I am sorry I could not get to it sooner. It is complicated but possible to create the users in the database. Let me know if you still need help.
@@thetechguysguide Sorry, i deleted my previous questions about the saml2 authentification and the users imports because i found the solution and i don't wanted you to loose your time to answer. Thank you a lot for your video it make it easier to understand.
Hello and thank your for watching the video. So the way it works in my opinion is that Locations contain Racks which contain Devices and subsequently Circuits, ie going to Routers and Firewalls. Circuits link or connect Locations together.
Hello you are correct that the default settings are set to a /24 or smaller. However the author LedoB on github created an enhancement that allows you to go to a /19. Here is the link "github.com/LedoB/phpipam-subnet-visual" You will need to replace the two files as the author states in their respective locations and then go to the Administration Panel scroll down to Display Settings and look for IP visual display limit, there is a drop down allowing you got go to /19. Hope this helps have a great day.
Hello and thanks for the question. In regards to your questions I am assuming a few things here. You are on premise and using Azure Active Directory now Entra. In light of that you could try to use freeradius to integrate between your on premise phpIpam and use Azure Active Directory now Entra to authenticate. Or are you asking about a different integration like Okta, or Cisco's Duo? I have already done a video with Cisco's Duo For the second part of the question, if you had a site to site vpn into your Azure cloud to your on premise phpipam and enabled IMCP to pass into and allow Ping as well then it should work. I hope this helps Have a great day!
