In Privilege Manager for Sudo version offline authorization of commands is not always working. In the logs "upmSocSend10 - unsuccessful" messages are being seen. The offlinetimeout setting does not make any difference.
pmplugin6.0.0 (027): 3004.01 Lost connection with server
In this situation where there is a timeout between the pmplugin and the local pmmasterd during an offline evaluation, caused by extraneous DNS or Authentication Services lookups with version < 6.0.0.040. The 3004.01 message is usually accompanied by "432(ACT_SENDINFO_1) - upmSocSend10 -- Unsuccessful" messages, and will also have associated "9090 Client handling offline session" and "9091 Starting offline client session for
Some DNS lookups were unnecessarily being made, causing some timing issues during offline(local) policy evaluation. QAS can compound this as the QAS account and domain name are also in DNS.
© 2020 One Identity LLC. ALL RIGHTS RESERVED. Feedback 이용 약관 개인정보 보호정책