In Privilege Manager for Sudo version offline authorization of commands is not always working. In the logs "upmSocSend10 - unsuccessful" messages are being seen. The offlinetimeout setting does not make any difference.
pmplugin6.0.0 (027): 3004.01 Lost connection with server
In this situation where there is a timeout between the pmplugin and the local pmmasterd during an offline evaluation, caused by extraneous DNS or Authentication Services lookups with version < 6.0.0.040. The 3004.01 message is usually accompanied by "432(ACT_SENDINFO_1) - upmSocSend10 -- Unsuccessful" messages, and will also have associated "9090 Client handling offline session" and "9091 Starting offline client session for failed" message in the /var/log/pmmasterd.log on the plugin hosts.
Some DNS lookups were unnecessarily being made, causing some timing issues during offline(local) policy evaluation. QAS can compound this as the QAS account and domain name are also in DNS.
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center