-
Title
Account Shows as Disabled -
Description
User Account in Authentication Services on a Linux host shows as disabled with an error similar to the following:
[root@examplehost sudoers.d]# vastool nss getpwnam exampleaccountexampleaccount:VAS:39991:21120:exampleaccount_test:/home/exampleaccount:/bin/false -
Cause
The account has been disabled in Active Directory -
Resolution
To test whether or not the account has been disabled in Active Directory run the following command substituting with the account having issues logging in:
/opt/quest/bin/vastool -u host/ attrs | egrep "userAccountControl:"The results should be either:
userAccountControl: 66050
or
userAccountControl:6604866050 means the account is disabled in Active Directory in which case, please ensure the account is enabled in Active Directory and try logging into the Linux host once more once done.
66048 means the account is enabled in Active Directory in which case, please contact One Identity support for additional support.