[BUG] Forbidden 403 to access /ocsinventory path

[victorjah50]

OCS Inventory version
Version Server: 2.12.2
Version Agent: 2.10.1.0

Describe the bug
At moment to connect from agent to server this is into the logfile on a client. I check again and again the permissions of directories into server, apache configuration, so on.

To Reproduce
Steps to reproduce the behavior:

1. install the agent on windows box.
2. wait to try to reach the server.
3. check the c:\programdata\ocs....\ocsinventory.log file
4. verify 403 error is logged after to launch request to server URI.

Expected behavior
Agent box registered on server success, but not ocurr.

Screenshots
If applicable, add screenshots to help explain your problem.

Log file (optional)
Apache / PHP / System log if needed

---- OCSInventory.log ----

==============================================================================
Starting OCS Inventory Agent on Wednesday, July 31, 2024 14:29:29.
AGENT => Running OCS Inventory Agent Version 2.10.1.0
AGENT => Using OCS Inventory FrameWork Version 2.10.1.0
AGENT => Loading plug-in(s)
DLL PLUGIN => Searching for Plug-in DLL(s) in folder <C:\Program Files\OCS Inventory Agent\plugins>
DLL PLUGIN => 0 DLL Plug-in(s) successfully loaded on 0 DLL(s) found
AGENT => Using network connection with Communication Server
COM PROVIDER => Loading Communication Provider <C:\Program Files\OCS Inventory Agent\ComHTTP.dll>
AGENT => Using Communication Provider Version <2.10.1.0>
AGENT => Sending getLabel request
COM SERVER => Initializing cURL library for getFile
COM SERVER => Using cURL without server authentication
COM SERVER => Disabling cURL proxy support
COM SERVER => Disabling cURL SSL server validation support
COM SERVER => Sending fileGet request to URL https://serverurl/ocsinventory/deploy/label
COM SERVER => fileGet response received <HTTP Status Code #403>
COM SERVER => Cleaning cURL library
AGENT => Failed to retrieve Label <HTTP Status Code #403>
AGENT => Sending Prolog
DID_CHECK => Read DeviceID and MACs <00:22:48:29:3D:9C> in file <ocsinventory.dat>
COM SERVER => Initializing cURL library for sendRequest
COM SERVER => Using cURL without server authentication
COM SERVER => Disabling cURL proxy support
COM SERVER => Disabling cURL SSL server validation support
COM SERVER => Sending HTTP Post request to URL https://serverurl/ocsinventory
COM SERVER => HTTP Post response received <HTTP Status Code #403>
COM SERVER => Cleaning cURL library
ERROR *** AGENT => Failed to send Prolog <HTTP Status Code #403>
AGENT => Unloading communication provider
AGENT => Unloading plug-in(s)
AGENT => Execution duration: 00:00:01.

[bartoggy]

Hi,

I have the same error and i cannot have computers registered :(

have you find an issue ?

[victorjah50]

Finally it was fixed.

After to try differ alternatives, checking in detail it focus on the content of this file because the error appearantelly is on the http request receiver of apache.

/etc/apache2/sites-enabled/000-default.conf

Original File content:

<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf

When we initially configured it, we added the below lines, and I honestly can't remember why. However, taking as an example a fresh installation where those lines weren't present and everything worked fine.

#<Directory /var/www/html/glpi/public>
# Require all granted
# RewriteEngine On
# RewriteCond %{REQUEST_FILENAME} !-f
# RewriteRule ^(.*)$ index.php [QSA,L]
#

I decide to comment all this and restore to the original directive DocumentRoot it was changed too.

Restoring the original file and the transfer of inventory data is working again.

I hope this help you!!!

See you later.

[victorjah50]

Detailed of solution in the last post.