This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AIX Vas user-override user issue

Using old OS(AIX5.3) and VAS client 3.5.2 and having an issue on our AIX servers with one user(pgg081) out of over 7500 where the user-override attributes(GID and shell) fail to actually override the attributes cached from AD.

 

We are trying to override the shell to /usr/bin/ksh for this user but it remains /home/ghem/ghem_access.

 # lsuser -f pgg081 | grep shell

        shell=/home/ghem/ghem_access

# grep -i pgg081 user-override

pgg081@.com:::1042460071::/home/pgg081:/usr/bin/ksh

Tried running the vastool flush and vastool flush accounts to clear the cache and reload but still get the same result.

 

Noticed the locally cached  vas_ident.vdb output doesn't seem to match between the user_posix and user_ovrd tables for user pgg081.

/opt/quest/libexec/vas/sqlite3 /var/opt/quest/vas/vasd/vas_ident.vdb "SELECT * FROM user_posix" |grep -i pgg08

7651|1386540765|10000||||||||/home/pgg081|/bin/bash||131274612000000000|131199900244278587|0|1|1|1|1|1|

 

Portion of the user-override table showing what should be row 7651 as row 732:

/opt/quest/libexec/vas/sqlite3 /var/opt/quest/vas/vasd/vas_ident.vdb "SELECT *FROM user_ovrd" | tail -45

7648|mjd232@.com|||1756051095||/home/mjd232|/home/ghem/ghem_access|user-override

7649|cdm070@.com|||640221255||/home/cdm070|/home/ghem/ghem_access|user-override

732|pgg081@.com|||1042460071||/home/pgg081|/usr/bin/ksh|user-override

7650|mmm259@.com|||758601807||/home/mmm259|/home/ghem/ghem_access|user-override

7652|v_jss452@.com|||1756051095||/home/v_jss452|/home/ghem/ghem_access|user-override

 

Could this be why the attributes don't get over ridden for pgg081? If so, how to correct this?

 This user was removed from AD and brought back several months later with the same UID.

Thanks in advance!