This content has been marked as final. Show 9 replies
restart SGD? for a simple user password change? not optimal and why would it be necessary ?
The account may be locked (disabled) in SGD.
tarantella object list_attributes --name ".../_ens/o=Organization/cn=accountname"
Look for "enabled: 0" in the output. If it's zero, then the account is locked.
tarantella object edit name ".../_ens/o=Organization/cn=accountname" enabled true
Out of curiosity, you wrote "sgd is still giving invalid credentials" - does this imply the login failure was occurring prior to resetting the password?
Is this only happening for this single user-id, or are other "unix" users affected?
Is there a Unix user profile for this user-id? If so, check to make sure the username attribute is mapped to the "right" unix userid. And, as suggested, be sure the account (user profile) is enabled.
I'd take a look at the logs, especially for any jserver errors that might be getting logged.
If nothing there, you may try setting a "server/login/*:login.log" logfilter to see if that provides any clues.
We ended up doing a server restart. Restarting SGD did no clear this issue.
The account is not locked , and the user can login to the server at the unix lievel ( we have checked ) on the sgd servers without issue.
The user did have the issue prior to our resetting the password. As far as we know it is this user only at this time.