Valid on UNIX
Symptom:
An Active Directory user that has UNIX attributes cannot log in to a UNAB endpoint.
Solution:
To troubleshoot the problem, do the following:
Note: The user_container configuration setting is located in the AD section of the uxauth.ini file.
./uxauthd.sh status
A message informs you of the current status of UNAB.
Note: If the endpoint is not registered in Active Directory, use the uxconsole -register utility to register the host.
./uxauthd.sh stop
rm -rf /opt/CA/uxauth/etc/nss.db
For example, for a Linux or Solaris endpoint, check if the nscd daemon is running. For an HP-UX endpoint, check if the pwgrd daemon is running.
./uxauthd.sh start
Run the following command to connect to Active Directory using the Administrator account:
./uxconsole -krb -init Administrator
Note: You can obtain a TGT using the agent keytab, for example:
./uxconsole -krb -init -k
./uxconsole -ldap -search "(&(objectClass=user)(sAMAccountName=johndoe))"
Check for discrepancies between the expected and actual user account name.
./uxconsole -ldap -search -b DC=unabca,DC=test,DC=co,DC=il "(&(objectClass=user)(objectCategory=person))"
Copyright © 2013 CA Technologies.
All rights reserved.
|
|