11-01-2011 12:59 PM
I recently upgraded my Windows domain controllers from Server 2000 to 2003, installed and configured Identity Management for UNIX. I have checked and double checked the encryption keys and port numbers (all same across all my servers). However, now when my users change their Windows passwords, the changes are not getting to my HP-UX box. Error in syslog.log is
ssod:: Unable to bind Port Number: 6677
But.... when I do a netstat -an | grep LISTEN, I see:
tcp 0 0 *.6677 *.* LISTEN
which tells me the SSOD daemon is listening on port 6677. I've tried killing and restarting SSOD, but that apparently did not help. I also have our firewall admin checking his logs to see if any traffic is making it from the Domain Controllers to the UX system on port 6677, but as a general rule, all TCP traffic is allowed from the Windows box to the UX box.
Any ideas? I'm about Google'd out at this point! :-)
11-01-2011 01:24 PM
> I recently upgraded my Windows domain controllers from Server 2000 to
> 2003, installed and configured Identity Management for UNIX. [...]
Was the "Identity Management for UNIX" stuff working before the
Windows upgrade, or is this all new stuff which has never worked before?
I know nothing, but a Google search for:
led to (among many other things) a Microsoft how-to document:
which suggests that there is a boatload of configuration options (NIS or
not, PAM or not, ...), none of which is revealed in your problem
description. (And that's only on the HP-UX side.)
> [...] I also have our firewall admin checking his logs [...]
And is there anything in the system log file(s) on the HP-UX
> [...] I have checked and double checked [...]
It's nice that you're happy, but we non-psychics have no idea what
you did where, and so have no idea if you know what you're doing or not.
As usual showing actual commands with their actual output can be more
helpful than vague descriptions or interpretations.
11-01-2011 02:25 PM
I do see this in my syslog.log file:
Nov 1 12:23:15 tflhp ssod:: Ssod killed by term signal
Nov 1 12:23:44 tflhp ssod:: Unable to bind Port Number: 6677
Nov 1 14:21:50 tflhp ssod:: Unable to bind Port Number: 6677
The "SSOD killed" is from me killing the process and restarting it.
What does the "unable to bind" error mean?
I can telnet to the HP-UX server on port 6677 and it accepts the connection. There is only one instance of port 6677 being listened to. I
running the command "lsof -i :6677" gives
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
ssod 18397 root 3u IPv4 0xe0000001e6e88740 0t0 TCP *:ssod (LISTEN)
11-01-2011 03:01 PM
> What does the "unable to bind" error mean?
I'd guess that it means that you're trying to start a daemon which
wants to listen at port 6677 when there's already a daemon running which
is listening at port 6677. Again, with my weak psychic powers, I don't
know what you killed or started (and when).
And, as before, all I know about the details of your configuration is
that you like them (which knowledge has minimal diagnostic utility).
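The situation guessed at in the last reply, as an added example that is not part of the thread and not ssod's code: one process already listens on a port, a second start attempt fails in bind() with EADDRINUSE, and the original listener still accepts connections, so the log error, the LISTEN line and a successful telnet can all be true at once. The function name is hypothetical and a kernel-chosen loopback port stands in for 6677.

```python
import errno
import socket


def reproduce_bind_conflict(host="127.0.0.1"):
    """Show a failed second bind while the first listener keeps working."""
    # First instance: the daemon that is already running and holds the port.
    first = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    first.bind((host, 0))  # port 0 = kernel picks a free port (stand-in for 6677)
    first.listen(1)
    port = first.getsockname()[1]

    # Second instance: a new start attempt while the first is still alive.
    second = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        second.bind((host, port))
        second_errno = None
    except OSError as exc:
        second_errno = exc.errno  # EADDRINUSE: address already in use
    finally:
        second.close()

    # A client (telnet in the thread) still reaches the first listener.
    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    client.settimeout(2)
    try:
        client.connect((host, port))
        connected = True
    except OSError:
        connected = False
    finally:
        client.close()
        first.close()

    return {"port": port, "second_bind_errno": second_errno,
            "client_connected": connected}


if __name__ == "__main__":
    result = reproduce_bind_conflict()
    name = errno.errorcode.get(result["second_bind_errno"], "none")
    print("second bind on port %d failed with: %s" % (result["port"], name))
    print("client could still connect: %s" % result["client_connected"])
```

If this is what is happening, the PID holding the port (18397 in the lsof output above) will have a start time earlier than the "Unable to bind" entries in syslog.log.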