[Search for users]
[Overall Top Noters]
[List of all Conferences]
[Download this site]
| Title: | DCE Product Information |
| Notice: | Kit Info - See 2.*-4.* |
| Moderator: | TUXEDO::MAZZAFERRO |
|
| Created: | Fri Jun 26 1992 |
| Last Modified: | Fri Jun 06 1997 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 2269 |
| Total number of notes: | 10003 |
2230.0. "Serious Problem with Integrated login" by OHFSS1::KANNAPAREDDY () Thu Apr 24 1997 15:10
Greetings,
I am running DCE V2.0 and Digital Unix 4.0 (rev 386) with
OSF patch # 36 (dce threads patch) on an AS 8400. the machine
is a pure "DCE and DFS client" with 1/2 the users home directory
in DFS space with no local accounts but registry accounts. Hence,
we have integrated login turned "on" so that the registry users
can access their home directories by authenticating directly
with the registry server and get "logged" in.
I understand that the Integrated login is implemented via the
shared library approach, but one can get really "messed" up
with this or the way it is implemented.
Take this scenario:
Our network is stable most of the time but sometimes due
to whatever reason, the routers go "south" and "every" user
who does a remote login (telnet) during that period leaves a
hanging "inetd" process. Since, one does not try to wait, he
does "telnet" repeatedly within an hour you have "filled" up
the process table ( a pity the size is so low currently).
Anyways you decide it is time to go to the "console" and restart
the network services. But as you can see, even "root" cannot
login at the console, please note, this is irrespective whenter
the process table is full or not. there was a situation where
the process table was "not" full and I tried to login at the console
after "validating" my password, it would just sit there doing
nothing. So, the only solution was to bring the system "hard"
, I had no choice. This happens say on the average "once"a month.
Now, the intresting part. Once, when this happened I had
"fortunately" a "root" session window open at my workstation.
Now, I thought great I would do a "/usr/sbin/rcinet restart" to
clear up all the I/O errors and it would be great. But I
noticed that the command would just hang. Why, because it would
call some script that did am "ps -ef" and it would hang. Which
probably was due to the "getpwnam" command just not returning the
correct "map" for the uid. (I tried ps -ef at the prompt and it
would hang but NOT ps -e!). The I decided to "turn" off SIA,which
would also NOT work because the "dcesetup" does a "whoami" which
hangs too. So, I went to "/etc/sia" and manually cloobered the
matrix.conf file to "bsd......conf" and then with dcesetup able
to stop the daemons. And after a restart everything worked fine.
. What was wrong with the DCE client?. Because when I did a
dcecp and executed various commands, showed that all the servers
were available (core). So, I knew it was something with the
"libdcesiad.so" that had some call that would just HANG.
. On the last occasion , I was lucky to have a "root" session
otherwise I would have to "reboot" the machine. But, I cannot
gurantee to have a root window open all the time (security
consideration).
. Fooling around with "etc/sia/matrix.conf" is NOT an option.
If it is a bug than I need to resolve it. Since this is a
24x7 production machine "DCE client" , I cannot afford to "HARD"
reboot the machine all the time this happens.
I am really sorry for this long post. But, I am not sure where
this discussion belongs, I mean, I don;t know which group provides
the "libdcesiad.so" .
cheers
Mohan
| T.R | Title | User | Personal
Name | Date | Lines
|
|---|