The script vas_status or vastool status will sometimes report the following errors.
FAILURE: 713 duplicate users in the cache
FAILURE: 714 duplicate groups in the cache
This can occur when two active directory objects were unix enabled and assigned the same uid or gid number. This is not considered best practice and is generally done in error.
The local cache can be queried to determine what uid or gid numbers are being cached.
This query can be used to detect duplicate user entries based on their uidNumber. Anything returned will be in the database at least twice.
/opt/quest/libexec/vas/sqlite3 /var/opt/quest/vas/vasd/vas_ident.vdb "SELECT uidNumber FROM user_posix GROUP BY uidNumber HAVING ( COUNT(uidNumber) > 1 )"
To check for duplicates in the group cache based on the gidNumber this query is valid.
/opt/quest/libexec/vas/sqlite3 /var/opt/quest/vas/vasd/vas_ident.vdb "SELECT gidNumber FROM group_posix GROUP BY gidNumber HAVING ( COUNT(gidNumber) > 1 )"
To then lookup the duplicate uidNumbers or gid Numbers we can use these queries below
To check for uidNumbers, replace 'UIDS' with whatever was returned from our original user query.
/opt/quest/libexec/vas/sqlite3 /var/opt/quest/vas/vasd/vas_ident.vdb "SELECT * FROM user_posix" |grep UIDS
To check for gidNumbers, replace 'GIDS' with whatever was returned from our original group query.
/opt/quest/libexec/vas/sqlite3 /var/opt/quest/vas/vasd/vas_ident.vdb "SELECT * FROM group_posix" |grep GIDS
The queries mentioned do not make any changes to the database and are safe to run. The uid or gid conflicts will have to be resolved in Active Directory however.
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center