Greetings...My first post here...
I am facing issue on a x86 Solaris server, running on VMWare. We have to install latest patch cluster. I took a snapshot (on VMWare side), so we have backup copy. Downloaded and installed latest patch cluster. Post patching, I am not able to login on server with any non-root user (LDAP user). Since, this server is not in support, I an not expect Oracle's help on this. I am not sure, which patch broke authentication mechanism.
In second attempt, I restored snapshot and this time I commented "possible culprit" patches in patch_order as below
cat 10_x86_Recommended.README | egrep -i "tls|pam|ssl|java|ldap"
120100-08
148072-19
151913-09
121212-02
122471-03
138767-01
141105-04
144910-03
147674-11
148050-04
148694-01
150120-04
150546-02
151915-07
152078-51
152079-51
152098-41
152099-41
152101-31
I applied patch cluster and it again came in same state.
From /var/adm/messages :-
May 19 14:02:46 ngtdr-zonemgr2-data ldap_cachemgr[221]: [ID 293258 daemon.warning] libsldap: Status: 91 Mesg: openConnection: simple bind failed - Can't connect to the LDAP server
May 19 14:02:46 ngtdr-zonemgr2-data ldap_cachemgr[221]: [ID 293258 daemon.warning] libsldap: Status: 91 Mesg: openConnection: simple bind failed - Can't connect to the LDAP server
May 19 14:02:46 ngtdr-zonemgr2-data ldap_cachemgr[221]: [ID 545954 daemon.error] libsldap: makeConnection: failed to open connection to npsec-est-wks1.acme.com
May 19 14:02:46 ngtdr-zonemgr2-data ldap_cachemgr[221]: [ID 545954 daemon.error] libsldap: makeConnection: failed to open connection to npsec-wst-wks1.acme.com
-bash-3.2# ldapclient list
NS_LDAP_FILE_VERSION= 2.0
NS_LDAP_BINDDN= cn=ngtdr-zonemgr2,ou=Hosts,dc=pre,dc=acme,dc=com
NS_LDAP_BINDPASSWD= {NS1}a1a2a3a4a5a6a7a8a9a10a11a11
NS_LDAP_SEARCH_BASEDN= dc=pre,dc=acme,dc=com
NS_LDAP_AUTH= tls:simple
NS_LDAP_SEARCH_REF= TRUE
NS_LDAP_SEARCH_SCOPE= one
NS_LDAP_SEARCH_TIME= 30
NS_LDAP_SERVER_PREF= npsec-wst-wks1.acme.com, npsec-est-wks1.acme.com
NS_LDAP_CACHETTL= 43200
NS_LDAP_PROFILE= ngtdr-zonemgr2
NS_LDAP_CREDENTIAL_LEVEL= proxy
NS_LDAP_SERVICE_SEARCH_DESC= group:ou=Group,?one?
NS_LDAP_SERVICE_SEARCH_DESC= shadow:ou=People,?one?
NS_LDAP_SERVICE_SEARCH_DESC= netgroup:ou=netgroup,?one?
NS_LDAP_SERVICE_SEARCH_DESC= sudoers:ou=sudoers,?one?
NS_LDAP_SERVICE_SEARCH_DESC= user_attr:ou=People,?one?
NS_LDAP_SERVICE_SEARCH_DESC= passwd:ou=People,?one?isMemberOf=cn=ngtdr-zonemgr2,ou=hosts,dc=pre,dc=acme,dc=com
NS_LDAP_BIND_TIME= 10
-bash-3.2# ldaplist
ldaplist: Object not found (Session error no available conn.
)
-bash-3.2#
I am not able to figure out, which patch is creating this problem so I can exclude that. Can somebody help me with this troubleshooting
Thanks in advance