Authentication Services - Search Global

Refine Your Search
Advanced Queries | | Increase Your Search IQ
How to manage cloned machines that are using Authentication Services (112065)

When cloning machines that have been or will be joined using Authentication Services what steps are recommended. Cloned machines will also clone keytabs causing multiple machines to potentially share computer objects ...

What does "vastool merge" do? Application needs a local account or group. (30827)

Sometimes, applications (mostly legacy ones) will require the existence of user or group entries in the local files (/etc/passwd and /etc/group) in order to properly grant access or permissions to users. In order to assist users in such scenarios, you can use "vastool merge". ...

Management Console for Unix will not load in Internet Explorer 11 saying page cannot be displayed. (211319)

While loading the Management Console for Unix in Internet Explorer 11 or Edge after an update it fails to load stating 'Page Cannot Be Displayed' and indicates a server error. Page loads successfully in other browsers like Chrome. ...

Vastool status error "INFO: 603 /etc/nsswitch.conf does not appear to be configured to use QAS" (97214)

vastool status returns an error for nsswitch.conf not being configured. INFO: 603 /etc/nsswitch.conf does not appear to be configured to use QAS. This can also be reported as a FAILURE in this format. FAILURE: 603 /etc/nsswitch ...

How to troubleshoot sudo not working? (67702)

How to troubleshoot sudo not working? Sudo must have been compiled with PAM support. Sudo must be configured properly to use PAM (/etc/pam.d/sudo or /etc/pam.conf). To configure sudo pam files you can use the command: 'vastool configure pam sudo'. ...

vastool status reports FAILURE: 702 QAS does not have any valid licenses available. How to install or add Authentication Services' licenses. License expired. (104286)

vastool status reports FAILURE: 702 QAS does not have any valid licenses available or no license installed. The below article describes how to install an Authentication Services ' license. vastool license -q reports: All licenses expired. ...

Can Authentication Services work with Active Directory Distribution Groups? Users lose group membership. (82087)

Can Authentication Services work with Active Directory Distribution Groups? Users lose group membership after logging in. No, Distribution Groups are not security enabled so do not appear in the users TokenGroups/PAC (Privilege Attribute Certificate) membership. ...

How to configure Single-Sign-On using OpenSSH on Solaris (137951)

How to configure SSH to allow access using GSSAPI and achieve single-sign-on using vendor supplied OpenSSH or OpenSSH downloaded from the internet. Configure SSH for Active Directory and Authentication Services ...

Authentication Services 4.1 Maintenance Fix changelog and download link. 4.1 Latest Release (116643)

----- Authentication Services 4.1 Maintenance Fix Release Notes -----. This is a Maintenance Fix Release for Authentication Services 4.1. ...

vgptool apply hangs and does not complete (131431)

When /opt/quest/bin/vgptool apply is run, it hangs on the crontab updates. Product Defect 375818: vgptool apply hangs on applying crontab entries. WORKAROUND: None. STATUS: Fixed in Authentication Services 4.1 Maintenance Fix.

INFO: 402 Computer object has UPN of Expected (103859)

vastool status command reports INFO: 402 Computer object has UPN of Expected This is just an information message. You can set the userprincipal name on the computer object with the following command: /opt/quest/bin/vastool ...

FAILURE: 719 more than 2 vgptools running. (104400)

vastool status reports FAILURE: 719 more than 2 vgptools running. Possible hung vgptool process. Run the following command: #ps -ef | grep vgptool. Kill off the running vgptool processes. Run "vgptool apply" to confirm that vgptool is working as expected. ...

Does dnsupdate regulary update the DNS record to ensure it is not removed by DNS Scavenging? (88651)

Wiindows updates DNS records every 24 hours does dnsupdate regulary update the record to ensure the record is not removed by DNS Scavenging? Both Windows clients and dnsupdate use the DNS Update Protocol to create/update the DNS records. ...

WARNING: 711 /opt/quest/$file version <$VER> does not match QAS version (104297)

This error can occur when versions of installed components do not match. If the vasclnt package was upgraded but not the vasgp package this error can occur. This can happen if you only select one package when upgrading via MCU. ...

On AIX AD users added to local groups fail. (107230)

When AD users are added to local groups this does not function as expected. 3rd Party limitation. The operating system does not support mixing group memberships between repositories. (Local and VAS) RESOLUTION: The ...

Issues with group permissions on NFS mounted directories (28152)

If a user belongs to more than 16 groups, group permissions for an NFS mounted directory may not work as expected. A user might not be allowed access to files/directories their group list says they should. It is noticed that the ...

Which system files are modified when joining to Active Directory? (40654)

This article is to describe what system files are changed by Authentication Services when the /opt/quest/bin/vastool join command is done. No changes to the OS configuration are made when you install QAS. The files changed at join time are listed below by operating system: ...

How to enable vasd debug to capture more information (27000)

Below is the steps for enabling vasd debug level 5 to captue more information about what is happening. 1. Enable vasd debugging by running: # /opt/quest/bin/vastool configure vas vasd debug-level 5 2. Configure the System ...

How to create an SELinux policy for Authentication Services (119007)

A SELinux-hardened system will run with SELinux in enforcing mode, meaning that the SELinux policy is in effect and things that it doesn't want to allow won't be allowed. Authentication Services can work with any pam enabled ...

vastool status reports INFO: 232 No srvinfo entry for joined domain (103973)

vastool status reports INFO: 232 No srvinfo entry for joined domain. This is an informational message and not necessarily incorrect If you think that QAS should have server information for this domain, issue the following command: /opt/quest/bin/vastool flush srvinfo. ...

Does Authentication Services support Windows 2012? (104417)

Is Authentication Services supported on Windows 2012 server and Windows 2012 server R2 ? Yes, Authentication Services is supported connecting to Windows Server 2012 domain controllers including R2 version and installed on Windows 2012 servers. ...

FAILURE: 505 Unrecognized auth result/error (104392)

FAILURE: 505 Unrecognized auth result/error. 505 auth -S host/$FQDN fails. 1 - Rejoin the computer to AD. Here is an example of the command: /opt/quest/bin/vastool -u Administrator join -f example.com. You may need to add additional switches. ...

How to configure QAS enabled laptops for users' travel or how to setup permanent disconnected users (54451)

This article is to describe how to setup permanently or persistent disconnected users. Disconnected mode is when the machine is not able to communicate to the Active Directory Domain Controllers. User's who have laptops that travel should be setup this way on the laptop. ...

How to troubleshoot user cannot login ? Authentication fails. Unable to login. (106769)

This article is to provide commands to help diagnose problems with AD authentication on the QAS client. User is unable to login. Authentication fails for users. User or users cannot login or logon. Won't allow login. 1 - Can you list the user ? ...

gss_accept_sec_context causes core dump (87930)

A windows application using the SSPI attempts to establish a kerberos connection to a process running on Unix and calls gss_accept_sec_context. gss_accept_sec_context() causes core dump. On the Solaris side gss_accept_sec_context ...