Authentication Services - Search Global

Refine Your Search
Advanced Queries | | Increase Your Search IQ
Does migrating to Secure Hash Algorithm (SHA)-2 certificates affect Authentication Services? Does going from SSL ver 1 to SSL2 impact Authentication Services? (212838)

The migration to Secure Hash Algorithm (SHA)-2 certificates is an industry mandate. This effort includes all applications that connect to Active Directory domain controllers using the Secure Lightweight Directory Access Protocol (LDAPS). ...

What are sites? Are they important? (47179)

What are sites? Are they important? Sites assign a computer joined to a domain to a default Domain Controller. If you have multiple subnets in your environment with DC's on each subnet, the Unix server is not assigned a domain controller. ...

Unlock System Preferences / Security (212621)

When you try to unlock System Preferences / Security then lock immediately closes again. These errors are seen on Mac OS 10.11.5 with QAS 4.1.0.22611. The issue is caused by an incorrect PAM configuration. In the file /etc ...

Is Authentication Services supported on Red Hat Enterprise Linux 7 - RHEL 7 support (132703)

Is Authentication Services supported on Red Hat Enterprise Linux 7? Red Hat Enterprise Linux was supported as of Authentication Services 4.0.3.240 and 4.1.0.21140. Please note Technical Support was discontinued for 4.0.3.x as of March 2015. ...

Installed licence not showing up (212558)

A license file was installed on a QAS system and we can see it in the /etc/opt/quest/vas/.licenses directory, however the license file isn't showing up in the "vastool license" output. The license file was missing a line ending at the end of the file. ...

A specific user or users cannot login (23895)

When using the "vastool list user <username>" command you may see the following: jdoe@example.com:VAS:1006:1000:John Doe:/home/jdoe:/bin/false. When you disable a user's Unix account in Active Directory (AD) by unchecking ...

Unable to join domain. Receiving data via TCP with 3 timeout (211587)

Unable to join domain. Receiving data via TCP with 3 timeout. These are working transfers: [debug] (5505104) vas_tcp_con nect_addrs: Connected to [SERVER]:88 on fd 5. [debug] (5505104) _send_and_recv_srvinfo: Sending via TCP. ...

How to add Active Directory users to the wheel group to allow su restriction on Linux. (91447)

How to add Active Directory users to the wheel group to allow su restriction on Linux. The wheel group is a local group. Adding Active Directory users would usually require a manual edit of the group membership on each server. ...

Users not caching. Getting ERROR: Failed to send/recv User Flush IPC request, payload_err=110 (212425)

Caching Users ... ERROR: Error receiving IPC buffer from server: Connection timed out ERROR: Failed to send/recv User Flush IPC request, payload_err= 110 Failed ERROR: Failed to send Users Flush IPC, error=110 The domain ...

How to enable vasd debug to capture more information (27000)

Below is the steps for enabling vasd debug level 5 to captue more information about what is happening. 1. Enable vasd debugging by running: # /opt/quest/bin/vastool configure vas vasd debug-level 5 2. Configure the System ...

vastool status returns "FAILURE: 622 Network users cannot login through ssh." (116470)

Running "/opt/quest/bin/vastool status" on a Mac OS X system returns "FAILURE: 622 Network users cannot login through ssh.". Remote Login (ssh) is not enabled on the system. 1 - Open System Preferences and click on Sharing. ...

How to configure SSL for use with Jetty? How to setup certificate in MCU? (86932)

How to configure SSL for use with Jetty? How to setup certificate in Management Console for Unix? Basic steps. Generate or obtain a public/private key-pair and x509 certificate. Obtain a certificate from a known certificate authority ...

Installing a Custom SSL/TLS Certificate and Key Pair for Quest Management Console for Unix (MCU) (72201)

The existing self-signed certificate has expired. How to install a new certificate. RESOLUTION 1: Use the following procedure to manually configure SSL and the jetty port. 1. Generate or obtain a public/private key pair and certificate. ...

Inconsistent default Unix attributes in different OUs (212240)

We have three OU locations where user accounts are located. Two of the three default to the expected global home directory and shell settings set in QAS Control Center. The other OU is not using the defaults when checking the UNIX enabled box. ...

What is the best way to list all the users who can login to a given server? (212117)

What is the best way to list all the users who can login to a given server? Without running 'vastool user checkaccess' against each user. What is the easiest way for me to get only the users who can login to the server? This is ...

How to troubleshoot user cannot login ? Authentication fails. Unable to login. (106769)

This article is to provide commands to help diagnose problems with AD authentication on the QAS client. User is unable to login. Authentication fails for users. User or users cannot login or logon. Won't allow login. 1 - Can you list the user ? ...

How do I setup UNIX personality management UPM? (39636)

How do I setup UNIX personality management UPM? Personality container is an Active Directory OU designated to contains user and group personalities. Unix clients specify a Unix personality container (vastool join -p) in order ...

Video: How To Troubleshoot Defender PAM Module with QAS (119032)

When the Defender Pluggable Authentication Module (also known as the Defender PAM Module) is installed on an Authentication Services (QAS) enabled system what are some troubleshooting steps that can be followed in testing? ...

QAS Windows install fails with Prerequiste Installation Failed. Microsoft .NET 3.5 setup cannot continu (211791)

Trying to install QAS on Windows Server 2012 getting error: Microsoft .NET framework 3.5 SP1: error code 1. Setup cannot continue. The QAS install of .NET 3.5 is failing because .NET 3.5 is already installed on Windows 2012 Server but it is disabled. Please do the following: ...

How to manage cloned machines that are using Authentication Services (112065)

When cloning machines that have been or will be joined using Authentication Services what steps are recommended. Cloned machines will also clone keytabs causing multiple machines to potentially share computer objects ...

What does "vastool merge" do? Application needs a local account or group. (30827)

Sometimes, applications (mostly legacy ones) will require the existence of user or group entries in the local files (/etc/passwd and /etc/group) in order to properly grant access or permissions to users. In order to assist users in such scenarios, you can use "vastool merge". ...

Management Console for Unix will not load in Internet Explorer 11 saying page cannot be displayed. (211319)

While loading the Management Console for Unix in Internet Explorer 11 or Edge after an update it fails to load stating 'Page Cannot Be Displayed' and indicates a server error. Page loads successfully in other browsers like Chrome. ...

Vastool status error "INFO: 603 /etc/nsswitch.conf does not appear to be configured to use QAS" (97214)

vastool status returns an error for nsswitch.conf not being configured. INFO: 603 /etc/nsswitch.conf does not appear to be configured to use QAS. This can also be reported as a FAILURE in this format. FAILURE: 603 /etc/nsswitch ...

How to troubleshoot sudo not working? (67702)

How to troubleshoot sudo not working? Sudo must have been compiled with PAM support. Sudo must be configured properly to use PAM (/etc/pam.d/sudo or /etc/pam.conf). To configure sudo pam files you can use the command: 'vastool configure pam sudo'. ...

vastool status reports FAILURE: 702 QAS does not have any valid licenses available. How to install or add Authentication Services' licenses. License expired. (104286)

vastool status reports FAILURE: 702 QAS does not have any valid licenses available or no license installed. The below article describes how to install an Authentication Services ' license. vastool license -q reports: All licenses expired. ...