Anonymous_User Absent Member.
Absent Member.
810 views

LUM enabled services LUM Enabled Services are not listed in the unixworkstation object

Hi,

this is OES2108. LUM seems to work. (Can login with a LUM-enabled user;
id <user> shows the same user ID as in iManager)

But in 'iManager / Linux User Management / Modify Unix Workstation
Objekt / LUM enabled services' are no services visible.

In TID7010025 (OES2 from 2012 😉 is described that pam_nam.so from
/etc/pam.d/openwbem has to be correct. But this file is not there
because openWBEM is migrated to sfcb.

What is the way to get the enabled services visible?

Bernd
Labels (2)
0 Likes
10 Replies
Knowledge Partner
Knowledge Partner

Re: LUM enabled services LUM Enabled Services are not listed

Based on quick testing on OES2015SP1:
to get the services listed, you
- need to have sfcb up and running
- need the file /etc/pam.d/sfcb
- need the entries referencing pam_nam.so in the sfcb file
once all this is done you'll get anything listed in iManager which has the statement
account sufficient pam_nam.so
in it. Actually if i create a file named "lalala" with the statement above in it i get "lalala" listed in iManager as a LUM-enabled service.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: LUM enabled services LUM Enabled Services are not listed in theunixworkstation object

Am 12.07.2018 um 17:54 schrieb mathiasbraun:
>
> Based on quick testing on OES2015SP1:
> to get the services listed, you
> - need to have sfcb up and running
> - need the file /etc/pam.d/sfcb
> - need the entries referencing pam_nam.so in the sfcb file
> once all this is done you'll get anything listed in iManager which has
> the statement
> account sufficient pam_nam.so
> in it. Actually if i create a file named "lalala" with the statement
> above in it i get "lalala" listed in iManager as a LUM-enabled service.
>
>

This is OK on OES2015SP1 😉

But this is OES2018!

The service is called sblim-sfcb.service now. It is up and running.
(But the rcsfcb is linked to /usr/sbin/service and without parameter
there is no answer from service)

The file /etc/pam.d/sfcb is there. The entries referencing pam_nam.so
are in the sfcb file.

Even if I create the file test in /etc/pam.d/ it is not shown in the
list in iMananger.

Bernd
0 Likes
Knowledge Partner
Knowledge Partner

Re: LUM enabled services LUM Enabled Services are not listed

i'll check once i return to a 2018 lab.
0 Likes
Knowledge Partner
Knowledge Partner

Re: LUM enabled services LUM Enabled Services are not listed

Pretty easy to dupe, even on a single-server vanilla installation. I just have this single VM avail at the moment (and i still haven't found what's going wrong) but on this box i initially couldn't even get a simple "wbemcat" to work. This was related to a wrong statement in sfcb.cfg where
basicAuthLib
was set to
sfcBasicAuthentication
instead of
sfcBasicPAMAuthentication
which obviously can't work. After changing this i still can't list the LUM-enabled services in iManager, but at least i get different errors 🙂
...and i can login to sfcb with both local and LUM-enabled accounts.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: LUM enabled services LUM Enabled Services are not listed in theunixworkstation object

Am 17.07.2018 um 18:54 schrieb mathiasbraun:
>
> Pretty easy to dupe, even on a single-server vanilla installation. I
> just have this single VM avail at the moment (and i still haven't found
> what's going wrong) but on this box i initially couldn't even get a
> simple "wbemcat" to work. This was related to a wrong statement in
> sfcb.cfg where
> basicAuthLib
> was set to
> sfcBasicAuthentication
> instead of
> sfcBasicPAMAuthentication
> which obviously can't work. After changing this i still can't list the
> LUM-enabled services in iManager, but at least i get different errors
> 🙂
> ...and i can login to sfcb with both local and LUM-enabled accounts.
>
>

The sfcb.cfg entry here was 'sfcBasicPAMAuthentication' so this seems to
be OK. (in sfcb.conf I read sfcBasicAuthentication is the Default for
basicAuthLib?) But I'm unable to get 'wbemcat' to run, too. But this is
because I do not know a correct request file 😉

Bernd
0 Likes
Knowledge Partner
Knowledge Partner

Re: LUM enabled services LUM Enabled Services are not listed

<?xml version="1.0" encoding="utf-8"?>
<CIM CIMVERSION="2.0" DTDVERSION="2.0">
<MESSAGE ID="4711" PROTOCOLVERSION="1.0">
<SIMPLEREQ>
<IMETHODCALL NAME="EnumerateClasses">
<LOCALNAMESPACEPATH>
<NAMESPACE NAME="root"/>
<NAMESPACE NAME="cimv2"/>
</LOCALNAMESPACEPATH>
<IPARAMVALUE NAME="ClassName">
<CLASSNAME NAME=""/>
</IPARAMVALUE>
<IPARAMVALUE NAME="DeepInheritance">
<VALUE>TRUE</VALUE>
</IPARAMVALUE>
<IPARAMVALUE NAME="LocalOnly">
<VALUE>FALSE</VALUE>
</IPARAMVALUE>
<IPARAMVALUE NAME="IncludeQualifiers">
<VALUE>FALSE</VALUE>
</IPARAMVALUE>
<IPARAMVALUE NAME="IncludeClassOrigin">
<VALUE>TRUE</VALUE>
</IPARAMVALUE>
</IMETHODCALL>
</SIMPLEREQ>
</MESSAGE>
</CIM>
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: LUM enabled services LUM Enabled Services are not listed in theunixworkstation object

Am 18.07.2018 um 13:44 schrieb mathiasbraun:
>
> <?xml version="1.0" encoding="utf-8"?>

(...)

Thx!

In sfcb.cfg are:
httpPort: 5988
httpsPort: 5989

but
enableHttp is false

set it to true and restart sfcb does show the port 5988 is now
listening. But 'LUM enabled Services' is empty as before ...

more hints?

Bernd
0 Likes
Knowledge Partner
Knowledge Partner

Re: LUM enabled services LUM Enabled Services are not listed

After getting the empty list, on a
rcsblim-sfcb status
do you get something like
"novell_pam_settingdata provider exiting due to a SIGSEGV signal"?
0 Likes
Knowledge Partner
Knowledge Partner

Re: LUM enabled services LUM Enabled Services are not listed

You might want to open a service request and reference bug 1097239.
0 Likes
Knowledge Partner
Knowledge Partner

Re: LUM enabled services LUM Enabled Services are not listed

Finally resolved with Update 4.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.