Solaris 10 sshd + GSSAPI auth appears to fail with long usernames.

Solaris 10 sshd using GSSAPI mode appears to fail with long usernames.
We have recently jumbo-patched solaris 10 server and windows 2k3 kerberos kdc. We wish to provide the single sign on thing for our Windows users, as written up in http://220-245-28-18.static.tpgi.com.au/~irvinee/gssapi-sol10/gssapi-howto.html
Everything is fine, until a user with a ten character username comes along. The ten character username does not get the single sign on experience
However, he can kinit fine on Solaris 10 server and also on other unix clients.
If I switch from the stock solaris 10 sshd to a self-compiled OpenSSH linked against MIT Kerberos, the 10 char username gets single-sign-on and all is well..
I note I have no problem when the server is FreeBSD 6.2 and the client is stock solaris 10 ssh.
It seems to be the Solaris 10 sshd only that is affected. Before I write up a bug report, has anyone else come across the same problem?

I finally got it working. I think my problem was that I was coping and pasting the /etc/pam.conf from Gary's guide into the pam.conf file.
There was unseen carriage returns mucking things up. So following a combination of the two docs worked. Starting with:
http://web.singnet.com.sg/~garyttt/Configuring%20Solaris%20Native%20LDAP%20Client%20for%20Fedora%20Directory%20Server.htm
Then following the steps at "Authentication Option #1: LDAP PAM configuration " from this doc:
http://docs.lucidinteractive.ca/index.php/Solaris_LDAP_client_with_OpenLDAP_server
for the pam.conf, got things working.
Note: ensure that your user has the shadowAccount value set in the objectClass

Similar Messages

  • Discoverer Desktop Connections Fails With Invalid Username/Pass in r12

    Hi all;
    I have problem. I can login Discoverer Administrator from my localmachine and i can see what ppl did it there.. But when i try to login Discoverer Desktop from my localmachine its gives me Invalid Username/Pass. error.
    I even cant login my system from browser :
    http://xx.com:7778/discoverer/plus << pages comes and i fill in the blanks area like:
    Connect to : Oracle Application
    Username: sysadmin
    pass: ***
    Database: VIS
    I found some document from forums. Whihc is :
    Discoverer Is Unable to Connect to Oracle Applications database: invalid username/password      Doc ID: Note:467919.1
    Discoverer 10g (10.1.2) Connectons To Oracle E-Business Suite 12 Fails With 'Invalid Username/Password'      Doc ID: Note:443661.1
    But before i apply those patch i want to take advice from you. Coz i can login Discoverer Administrator and can use it but cant login Discoverer Desktop...its kind of wierd... i already checked what i have done in installtion and its all seems correct.
    Any idea;
    Regards
    Helios

    Discoverer supports two kinds of connections - database schema connections and apps connections. For Disco Admin, you login using a database schema, which, as you stated, works. For Disco User you login using an Apps user account (for which there is a no equivalent database scherma). To enable such a connection, you need to check the "oracle applications user" check box on the 10g Disco login screen. Also, under Tools --> Options, in the Connection tab, make sure that "connect to both standard and applications EULs" radio button is selected.
    HTH
    Srini

  • Import (imp) failing with IMP-00010 error

    Hi Experts,
    I am doing import to Windows from an export dump that was taken on Solaris 10. But the import is failing with the following error.
    IMP-00010: not a valid export file, header failed verification
    IMP-00000: Import terminated unsuccessfully
    I checked the source and target oracle versions and NLS_LANG parameter.
    In both the databases NLS_LANG parameter is set to AMERICAN only. But the oracle versions are different
    Source
    OS : Solaris 10
    Oracle version : *11.2.0.2*
    Export dump : exp_CAAU2.dmp.gz (Export taken by zipping)
    Target
    OS : Windows server 2003
    Oracle Version : *10.2.0.2.0*
    While importing into windows env, it is failing..
    Please let me know the reason why the import is failing?
    Can i upgrade the target oracle version to 11.2.0.2 to succeed the import?

    Hi,
    The IMP indicates this this error is coming from the old imp. This dump file could be from the expdp utility, which would require you to use the impdp utility.
    Source
    OS : Solaris 10
    Oracle version : 11.2.0.2
    Export dump : exp_CAAU2.dmp.gz (Export taken by zipping)
    Target
    OS : Windows server 2003
    Oracle Version : 10.2.0.2.0
    While importing into windows env, it is failing..
    What really matters here is the compatibility level. If your source and target compatibility levels are the same, then with Data Pump, the dumpfile created on the source, would work on the target. If the compatibility levels are different, then use expdp with the version parameter set to the compatibility level of the target.
    Please let me know the reason why the import is failing?Check the suggestions above first.
    Can i upgrade the target oracle version to 11.2.0.2 to succeed the import?It could help, but first check to see if you are using the right utility and then check the compatibility versions.
    Dean

  • DB 7.8 Restart fails with SQL error -9407, unexpected error 3

    Hello,
    MaxDB Instance (7.8.01.18)  fails to restart with the error
    "SQL error -9407 System error: unexpected error 3
    Internal errorcode 6433 "system_error" 20017, Restart Filesystem failed with
    'System error unexpected error'
    9, File directory restart failed; error '3'
    31, Error linking entry to parent; file no '000000004066',
    parent file no '000000000000000000033D',
    file type 'IndexFile', error '11'
    We had the problem "[-8]: Execution failed, parse again" with one table,
    then we tried to restart the database. Now it doesn't come up any more.
    Is there another possibility instead of a recovery?
    Greetings
    Ulrich

    Your problem description sounds very similar to the following error:
    PTS1237652:
    "Appearance:
    Restart fails with file directory corruption:
    31,Error linking entry to parent; file no 'xxx', parent file no 'yyy', file type 'IndexFile', error '11'
    Preconditions and circumstances:
    During a recreate index operation the index was dropped and recreated manually.
    Workaround:
    None. The system must be recovered to the time just before the index was recreated."
    Please note that this is one of those issues that has only been fixed with 7.8.02. 7.8.02 is currently in customer testing, if anyone wants to join, just open a CSS message and test this version before we make it generally available for download.
    Best regards,
    Thorsten

  • Clean Install Solaris 10 05/09 - Update Manager Fails with Valid Acct

    I have a clean install of Solaris 10 05/09, and Update Manager fails to register using a valid accout which I can login with at the Sun website. Why is this happening? How can this be fixed?

    Here's the output from the script....
    User: root
    Logname: root
    Tue Oct 6 15:35:18 EDT 2009
    unknown
    smpatch settings:
    patchpro.backout.directory - ""
    patchpro.baseline.directory - /var/sadm/spool
    patchpro.download.directory - /var/sadm/spool
    patchpro.install.types - rebootafter:reconfigafter:standard
    patchpro.patch.source - https://getupdates1.sun.com/
    patchpro.patchset - current2
    patchpro.proxy.host - ""
    patchpro.proxy.passwd **** ****
    patchpro.proxy.port - 8080
    patchpro.proxy.user - ""
    smpatch analyze:
    Failure: Cannot connect to retrieve current2.zip: This system is currently unreg istered and is unable to retrieve patches from the Sun Update Connection. Please register your system using the Update Manager, /usr/bin/updatemanager or provid e valid Sun Online Account(SOA) credentials.
    Entitlement:
    cat: cannot open /var/sadm/spool/cache/entitlement/*entitlement_client
    Sun UC patch revision:
    120336-04
    121082-06
    121119-16
    121454-02
    123004-03
    123006-07
    123631-03
    123896-05
    123896-15
    124187-07
    137138-09
    Solaris release:
    Solaris 10 5/09 s10x_u7wos_08 X86
    Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
    Use is subject to license terms.
    Assembled 30 March 2009
    Solaris Kernel: Generic_141415-10
    Machine Type: i86pc
    Platform: i86pc
    Java versions:
    System default:
    java version "1.5.0_21"
    Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_21-b01)
    Java HotSpot(TM) Client VM (build 1.5.0_21-b01, mixed mode, sharing)
    Java 5:
    java version "1.5.0_21"
    Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_21-b01)
    Java HotSpot(TM) Client VM (build 1.5.0_21-b01, mixed mode, sharing)
    Java 6:
    Unable to locate JRE meeting specification "1.6*"
    Java used by smpatch and updatemanager:
    /usr/sbin/pprosvc:JAVACMD="/usr/jdk/latest/bin/java -version:1.5*"
    /bin/updatemanager:JAVA_EXEC="/usr/jdk/latest/bin/java -version:1.5*"
    Cacao Java version:
    java-home=/usr/jdk/jdk1.5.0_21
    Cacao Base Directories:
    cacao.install.rt.base.dir=/
    cacao.install.etc.base.dir=/
    Software Cluster:
    CLUSTER=SUNWCall
    All ccr properties:
    18:
    Property not defined: 18
    cns.assetid:
    cns.br.SunUCenabled:
    true
    cns.ccr.keyGenPath:
    /usr/lib/cc-ccr/bin/ccrKeyGen
    cns.clientid:
    cns.httpproxy.auth:
    cns.httpproxy.ipaddr:
    cns.httpproxy.port:
    cns.regtoken:
    cns.security.password:
    cns.security.privatekey:
    cns.security.publickey:
    cns.swup.UMautolaunch:
    false
    cns.swup.autoAnalysis.enabled:
    true
    cns.swup.checkinInterval:
    2
    cns.swup.lastCheckin:
    0
    cns.swup.patchbaseline:
    current
    cns.swup.regRequired:
    true
    cns.transport.serverurl:
    patchsvr not installed.
    Sun UC package status:
    SUNWbreg not installed
    SUNWdc not installed
    Cacao instances:
    online 15:19:45 svc:/application/management/common-agent-container-1:def ault
    Services in maintenance/disabled state:
    svc:/application/print/server:default (LP print server)
    State: disabled since Tue Oct 06 15:15:37 2009
    Reason: Disabled by an administrator.
    See: http://sun.com/msg/SMF-8000-05
    See: man -M /usr/share/man -s 1M lpsched
    Impact: 2 dependent services are not running:
    svc:/application/print/rfc1179:default
    svc:/application/print/ipp-listener:default
    Please attach /tmp/unknown-061009-suc-out.Z in your reply to the Sun Update Conn ection Technical Support Team.
    #

  • Creative Cloud update fails with "the download appears to be corrupted" when tried through our company's firewall, but succeeds if the computer is taken outside the firewall

    Creative Cloud update fails with "the download appears to be corrupted" when tried through our company's firewall, but succeeds if the computer is taken outside the firewall. The IT guys have opened up the ports and URL's specified in the Adobe documentation.  I have also captured the network traffic of both the failed and successful downloads for IT to examine (using Little Snitch), however they can find nothing to account for the problem.  Adobe just seems to "give up and die" after about 2-3 minutes.  Why is this?  How can I or IT fix this?
    Can I send the above log files to someone familiar with these issues for examination?

    Hi Gveo,
    Please follow the article: Creative Cloud Help | About Creative Cloud Packager which will help you to get your issue fixed.
    Thanks,
    Ratandeep Arora

  • FTPS failing with Error: ...FTPEx: 'AUTH TLS': command not understood !!

    Hi,
    I am trying to send a file over FTPS (FTP using SSL/TLS) .
    But it fails with the following error in RWB - Communication Channel monitoring:
    Error when getting an FTP connection from connection pool: com.sap.aii.af.lib.util.concurrent.ResourcePoolException:
    Unable to create new pooled resource: FTPEx: 'AUTH TLS': command not understood
    I running NW711_05 and my FTP Connection Parameters are as follows:
    Server: OurServerName
    Port: 21
    Data Connection: Passive {even tried Active but got the same error}
    Timeout: 20
    Connection Security: FTPS (FTP Using SSL/TLS) for control connection
    X Use X.509 Certificate for Client Authentication
    Keystore: service_ssl
    X.509 Certificate and Private Key: ssl-credentials
    Do I need to do any specific configuration/settings on the receiving FTP-server side?
    Kind regards,
    Joe

    Hi Rajesh,
    Thx for your speedy response! I started out by deselecting the certificate checkbox and changing the port no from 21 to 990, this of course generated a different error message:
    Unable to create new pooled resource: ConnectException: Connection refused
    which I believe is because connection is not configured for port 990.
    Anyone else has any suggestions as to how to proceed?
    Regards,
    Joe

  • Solaris 10 upgrade fails with "mount failed"

    I'm trying to upgrade an aged Ultra 80 to Solaris 10u9 (from Solaris 10u2 or so), so that it can be used for our product testing purposes. After several unsuccessful attempts, I finally freed up enough space on the / filesystem (5.2GB free) by moving /opt to a newly installed second drive.
    However, the upgrade now fails with
    "Mount failed for either root, swap, or other file system.
    Pfinstall failed. Exit stat= java.lang.UNIXProcess@e2892b 2"
    At the end of the log file it says
    "Checking c0t0d0s0 for an upgradeable Solaris image.
    ERROR: Mount failed for either root, swap, or other file system."
    I'm stumped. It doesn't say which file system it's having problems with.
    Any ideas as to how to troubleshoot this problem, or what the cause might be? At 30 minutes per upgrade attempt, I'd like to know what the cause is rather than pursuing trial and error.
    Thanks.

    Look at your "vfstab" and see if there are any mounts that need a specific driver like a SAN-provided LUN. Comment them out during the upgrade for the upgrade tries to mount everything in your /etc/vfstab and if it doesn't have the driver/software to do it, it will fail...

  • Bind DMA handle fails with Solaris 10 x86

    Our device driver and device uses no scatter gather and
    we have always set the sgllen filed of the DMA_ATTR to 1.
    Even so, ddi_dma_buf_bind_handle() would often result in
    more than one dma cookie for a transfer on most x86 systems.
    We handle this in the device driver, starting a new transfer from
    the device for each cookie.
    Along comes Solaris 10 and ddi_dma_buf_bind_handle() fails with a
    DDI_DMA_TOOBIG error for all DMA transfer over 1200 bytes or so.
    We are not sure what changed in Solaris 10 to cause our method to
    no longer work.
    Is the correct thing to simply set the sgllen field to -1?

    Following up on my previous post ....
    Setting the dma_attr_sgllen field of the DMA_ATTR to -1
    does seem to solve the problem for Solaris 10. It works
    on sparc v9, intel32 and amd64 platforms.
    However, it does not work with Solaris 9 on x86 platforms.
    In this case, ddi_dma_buf_bind_handle() fails with a
    DDI_DMA_BADATTR error.
    On sparc platforms it does not seem to matter. A value of
    either 1 or -1 works for both Solaris 9 and 10.
    In order to maintain backwards compatibility, we will need to
    make use of autoconf variables, having our conifgure script
    substitute an appropriate value for the dma_attr_sgllen
    based on the host operating system version.

  • Using exp/imp appears to fail

    Hello Everyone.
    We are trying to export a set of table from one Oracle Database to another and have come across a problem.
    Exporting via PL/SQL developer (v7) appears to be fine but when we try to import the generated .dmp file using the imp tool, it fails with this error:
    IMP-00017: following statement failed with ORACLE error 905:
    "CREATE TABLE "GEOM_TABLE" ("UUID" VARCHAR2(36) NOT NULL ENABLE, ""
    "NAME" VARCHAR2(50), "ORDINATES" "MDSYS"."SDO_GEOMETRY", "DRAWING_UUID" VARC"
    "HAR2(36))  PCTFREE 10 PCTUSED 40 INITRANS 1 MAXTRANS 255 STORAGE(INITIAL 65"
    "536 FREELISTS 1 FREELIST GROUPS 1 BUFFER_POOL DEFAULT) TABLESPACE "GEOM_SPACE"
    "" LOGGING NOCOMPRESS VARRAY "ORDINATES"."SDO_ELEM_INFO" ELEMENT  STORE AS L"
    "OB  (ENABLE STORAGE IN ROW CHUNK 16384 RETENTION  CACHE  STORAGE(INITIAL 65"
    "536 FREELISTS 1 FREELIST GROUPS 1 BUFFER_POOL DEFAULT)) VARRAY "ORDINATES"."
    ""SDO_ORDINATES" ELEMENT  STORE AS LOB  (ENABLE STORAGE IN ROW CHUNK 16384 R"
    "ETENTION  CACHE  STORAGE(INITIAL 65536 FREELISTS 1 FREELIST GROUPS 1 BUFFER"
    "_POOL DEFAULT)) COLUMN "ORDINATES" NOT SUBSTITUTABLE AT ALL LEVELS "
    IMP-00003: ORACLE error 905 encountered
    ORA-00905: missing keyword
    This only appears to happen when there is a reference to MYSYS.SDO_GEOMETRY. It is preventing the data migration from completing so does anyone have any ideas?
    Thanks in advance.

    Hi,
    Table is based on type MDSYS.SDO_GEOMETRY (Spatial Data Types and Metadata), Check spatial is configured on your Target database and you have privilege to access that object using your schema.
    HTH

  • 11gR2 installation on Solaris failed with prereuisite 124861-15

    The 11gR2 installation on Solaris 10 sparc failed with prereuisite 124861-15.
    When I tried to install the patch 124861-20, it failed with the following(see below):
    I have Sun Studio 12-2 installed on the system.
    It was complaining that some packages (SPROmrcom, SPROlangx, SPROlang,SPROsunms ) are not installed.
    Where can I get these packages? Should not it be included in the Sun Studio 12-2 installation?
    Thanks.
    Zhigang
    # patchadd 124861-20
    Validating patches...
    Loading patches installed on the system...
    Cannot find package name, arch or version in pkginfo file /var/sadm/pkg/IR/pkginfo.
    Done!
    Loading patches requested to install.
    Done!
    The following requested patches have packages not installed on the system
    Package SPROmrcom from directory SPROmrcom in patch 124861-20 is not installed on the system. Changes for package SPROmrcom will not be applied to the system.
    Package SPROlangx from directory SPROlangx in patch 124861-20 is not installed on the system. Changes for package SPROlangx will not be applied to the system.
    Package SPROlang from directory SPROlang in patch 124861-20 is not installed on the system. Changes for package SPROlang will not be applied to the system.
    Package SPROsunms from directory SPROsunms in patch 124861-20 is not installed on the system. Changes for package SPROsunms will not be applied to the system.
    Checking patches that you specified for installation.
    Done!
    The following requested patches will not be installed because
    the packages they patch are not installed on this system.
    0 No Packages from patch 124861-20 are installed on the system.

    Hi,
    The 11gR2 installation on Solaris 10 sparc failed with prereuisite 124861-15.
    When I tried to install the patch 124861-20, it failed with the following(see below):
    I have Sun Studio 12-2 installed on the system.
    It was complaining that some packages (SPROmrcom, SPROlangx, SPROlang,SPROsunms ) are not installed.
    Where can I get these packages? Should not it be included in the Sun Studio 12-2 installation?
    Thanks.
    Zhigang
    # patchadd 124861-20
    Validating patches...
    Loading patches installed on the system...
    Cannot find package name, arch or version in pkginfo file /var/sadm/pkg/IR/pkginfo.
    Done!
    Loading patches requested to install.
    Done!
    The following requested patches have packages not installed on the system
    Package SPROmrcom from directory SPROmrcom in patch 124861-20 is not installed on the system. Changes for package SPROmrcom will not be applied to the system.
    Package SPROlangx from directory SPROlangx in patch 124861-20 is not installed on the system. Changes for package SPROlangx will not be applied to the system.
    Package SPROlang from directory SPROlang in patch 124861-20 is not installed on the system. Changes for package SPROlang will not be applied to the system.
    Package SPROsunms from directory SPROsunms in patch 124861-20 is not installed on the system. Changes for package SPROsunms will not be applied to the system.
    Checking patches that you specified for installation.
    Done!
    The following requested patches will not be installed because
    the packages they patch are not installed on this system.
    0 No Packages from patch 124861-20 are installed on the system.
    Refer my post *11gR2 Installation Error with patch 124861-15 as pre Req*
    http://appsdbaworkshop.blogspot.com/2010/11/11gr2-installation-error-with-patch.html
    thanks,
    X A H E E R

  • I'm attempting to install cs6 and after hitting install the following message appeared: installer failed to initialize. please download adobe support advisor to detect the problem. well that has been discontinued...

    i'm attempting to install cs6 and after hitting install the following message appeared: installer failed to initialize. please download adobe support advisor to detect the problem. well that has been discontinued...

    rename OOBE Folder to OOBE.old.
    to find OOBE:
    64 bit OS: Program Files x86\Common Files\Adobe\OOBE
    32 bit OS: Program Files \Common Files\Adobe\OOBE

  • Solaris boot images fail with bad magic number

    hi guys, have had Solaris on boxes for allmost 10 years. I have never installed sol10, and I have a problem
    1. I download the zip file, then use winrar to unzip them..
    2. burt the image with nero 7
    when my SunBlade 1000 comes up I do the Stop-A, and from the Ok promt
    I do boot cdrom
    this fails with "bad magic number" I have redown loaded it and reburnt it with nero reinstalled
    and also changed out the DVD on SunBlade
    3 I found a copy of Solaris 8 and the I got back a 'bitch' where is Solaris 9 so, most likely the drive is OK
    HELP
    Cris Harrison

    Hello Cris,
    unfortunately I don't understand your last sentence !
    I found a copy of Solaris 8 and the I got back a '*****' where is Solaris 9 so, most likely the drive is OK
    If this was a Solaris 8 (7/01 or later) DVD that did successfully boot, your DVD drive firmware (assuming that this is the Sun Toshiba SD-M1401) is up-to-date. If the DVD drive has firmware 1007, an update to 1009 is required to boot from DVD. otherwise you won't be able to boot from DVD (boot from CD works and a DVD can be automounted/mounted).
    Partial output of probe-scsi
    Before update:
    Unit 0 Removable Read Only device TOSHIBA DVD-ROM SD-M14011007
    After update:
    Unit 0 Removable Read Only device TOSHIBA DVD-ROM SD-M14011009
    [*Patch 111649-04 - Toshiba DVD 1401 firmware update*|http://sunsolve.sun.com/search/advsearch.do?collection=PATCH&type=collections&queryKey5=111649&toDocument=yes]
    when my SunBlade 1000 comes up I do the Stop-A, and from the Ok promt ...
    Instead of trying to directly boot, disable auto-boot and retry after a clean power-on.
    Break with Stop-A
    setenv auto-boot? false
    reset-all
    boot cdrom
    Michael

  • `test-replicationhealth QUORUMGROUP appears as failed

    Hello,
    I have monitored this failure while i was upgrading my clients Exchange 2010 SP1 servers to SP3. In my client environment they have 2 HUB/CAS servers and 2 Mailbox servers.
    When i check test-replicationhealth QUORUMGROUP appears as failed. Screenshot is attached what could be the reason. From each server Witness share can be accessed.Please help me to rectify this issue..
    Tks,
    Dilshan

    Hi,
    I would like to verify if you can bring the Quorum Group online via Failover Cluster Manager.
    What's more, please make sure that the account for DAG cluster is enabled. If it is disabled accidently, this issue will occur.
    If the issue persists, please check if there is any error event in Failover Cluster Manager.
    Hope it helps.
    Best regards,
    Amy
    Amy Wang
    TechNet Community Support

  • OCIEnvCreate fails with -1 return code on Solaris 9 x86 with Oracle 10g

    Hi
    OCIEnvCreate function is failing with -1 return code on solaris 9 x86. The database I use is, Oracle 10g release 1. I tired to connect with sqlplus and am able to connect to dataserver. Why does OCIEnvCreate fails? Can someone help me in this regard.
    Thanks

    Can place the sample code.

Maybe you are looking for

  • Help Needed For joins

    Hi All, I am new to oracle.I have a requirement. i need to display sales fields for a particular time as below. Time    Sales 6-7 3333 7-8 45345 8-9 546 But the min time and max time are coming from different query and sales fields coming from differ

  • How can we change the language of a Workspace Interface?

    Hi team, A German colleague of mine has told me he sees his workspace interface on beehiveonline.oracle.com in German. I was wondering if this was to do with his browser or if he had to modify any profile settings somewhere (to English). I know we ca

  • ORA-07445 error

    Hi All, I got following error while running a plsql package which accesses data from cube(using DBMS_AW.execute). Olap version: 11.2.0.1 Message: Access violation errors have been found in the alert log. Info from trace file: Exception [type: SIGSEGV

  • I delete iPhoto from my mac how can i reinstall it?

    i cant seem to reinstall iphoto onto my mac help!

  • CS4 - What happened to InDesign Contact Sheet Tool?

    I used this feature all the time. I guess one is supposed to use the "output" feature instead, but it's useful in many cases to have an InDesign file.