Oracle user unable to login on HP-UX server ad server is Centrify server
04-28-2017 04:36 AM
Hello All I am unable to login from another location server to that perticular server..
our ad is : Centrify
and client : HP-UX
Ad information details below : -
Local host name: goumasq4
Joined to domain: amer.new.com
Joined as: goumasq4.gy.pr.pri.test1.com
Pre-win2K name: goumasq4
Current DC: gywamrdom01mfn.amer.new.com
Preferred site: GYW-MFN
Last password set: 2017-04-14 10:38:23 AST
CentrifyDC mode: connected
gyumesq4:/# id oracle
uid=105(oracle) gid=105(dba) groups=106(dart)
05-01-2017 10:28 AM
Welcome to the forums.
Remember... there's no "Centrify" server. It's all AD and our clients.
Since you are using Express, keep in mind that ALL users from AD are exposed to your UNIX/Linux systems.
If there's an "oracle" account in AD, due to the NSS order, that's the account that will authenticate first.
You can find out if there's an oracle account in AD by running the "adquery user oracle"
If you get a response back (a UNIX-style identity line), then the user that is being authenticated is AD's oracle, not /etc/passwd's oracle.
To go around this, you must set oracle as an entry in the /etc/centrifydc/users.ignore file and do a sudo adreload or restart the centrifydc service.
If you are not using Express, note that you have benefits like SLA-based support.