cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
🔒 This topic is solved and locked. Need further help from the community? Please sign in and ask a new question.
sagar2
Fluorite | Level 6 sagar2
Fluorite | Level 6
Go to Solution

Unable to Schedule job in SMC after SAS GRID server Authentication changed from SSSD to Winbind

Posted 02-03-2021 06:28 AM (1543 views)

We changed SAS Grid authentication services from SSSD to Winbind, This was done to overcome SAMBA share enablement of each Node(5).

SAS Version : 9.4 m4

PM version : 9.1

 

We are able make SAS Grid Application up and authenticated it to Workspace server using AD Credentials.,
Currently issue with we are connecting Flow Manager job scheduler which uses LB passthru to connect Process Platform Manager (PPM) and LSF.
Old scheduled jobs are running fine... But unable to connect and generate new Jobs in application

 

Below step taken to perform the activity : 

 

1.Take backup of current config file /etc/sssd/sssd.conf
Stop SSSD
# realm leave
# net ads leave –U administrator
# realm list
# net ads info
# ps aux | grep sssd

2. Configuring Winbind

# net ads join <AD server name> –U administrator
# net ads info
# ps aux | grep winbind
# id <username>

3. Take backup of existing smb.conf & Change id-mapping in smb.conf

Comment below line

idmap config * : backend = tdb

Add below lines

idmap config * : backend = autorid
idmap config * : range = 1368200000-136820000000
idmap config * : rangesize = 2000000
winbind refresh tickets = yes
winbind offline logon = yes
winbind use default domain = yes

# cat /etc/samba/smb.conf | grep -v ^# | grep idmap
# service smb stop; service winbind stop; rm -rf /var/lib/samba/*.tdb /var/log/samba/*; net cache flush; service smb start; service winbind start
# id <username>

4. Changes made in sasauth file as below Link

http://support.sas.com/kb/49/432.html

 

Error : User are getting below Error and even we are not able to authenticate in flow manager.

sagar2_0-1612351234547.jpeg

Kindly let us know if any steps or configuration need to be done.

 

Re: Grid deamons @sasadmin1 

0 Likes
1 ACCEPTED SOLUTION

Accepted Solutions
gwootton
SAS Super FREQ gwootton
SAS Super FREQ

Re: Unable to Schedule job in SMC after SAS GRID server Authentication changed from SSSD to Winbind

Posted 02-05-2021 09:31 AM (1350 views)  |   In reply to sagar2
The link provided is a bit confusing as steps 1 and 2 are the two ways you can create eauth_userpass, so those are either/or not both.

As far as how to start process manager when it's configured as an ego service, as the output mentions this is not done using jadmin but using egosh. The command egosh service list would give you the name of the service and whether or not it is already running. Perhaps ProcessManager instead of processmanager?

If Process Manager is not running I would not expect you to be able to log in to Flow Manager with any user ID.
--
Greg Wootton | Principal Systems Technical Support Engineer

View solution in original post

6 REPLIES 6
gwootton
SAS Super FREQ gwootton
SAS Super FREQ

Re: Unable to Schedule job in SMC after SAS GRID server Authentication changed from SSSD to Winbind

Posted 02-03-2021 10:15 AM (1491 views)  |   In reply to sagar2
Process Manager uses /etc/pam.d/eauth_userpass PAM configuration to authenticate rather than sasauth. If this isn't linked to the current pam configuration you may need to update it.

https://www.ibm.com/support/pages/account-authentication-process-manager
--
Greg Wootton | Principal Systems Technical Support Engineer
sagar2
Fluorite | Level 6 sagar2
Fluorite | Level 6

Re: Unable to Schedule job in SMC after SAS GRID server Authentication changed from SSSD to Winbind

Posted 02-03-2021 11:12 AM (1473 views)  |   In reply to gwootton

created eauth file on Meta and grid master .and added detalsi as mention in steps, 

sagar2_0-1612368417808.png

 

DO we need to restart the services to take it effect ? i am unable to authenticate yet.

 

0 Likes
gwootton
SAS Super FREQ gwootton
SAS Super FREQ

Re: Unable to Schedule job in SMC after SAS GRID server Authentication changed from SSSD to Winbind

Posted 02-03-2021 12:13 PM (1465 views)  |   In reply to sagar2
I believe changes to eauth_userpass would require Process Manager be restarted. I would mention I don't think you would need the things under auth include system-auth.
--
Greg Wootton | Principal Systems Technical Support Engineer
0 Likes
sagar2
Fluorite | Level 6 sagar2
Fluorite | Level 6

Re: Unable to Schedule job in SMC after SAS GRID server Authentication changed from SSSD to Winbind

Posted 02-05-2021 05:02 AM (1376 views)  |   In reply to gwootton

 eauth_userpass file was not available , So I generated Manually eauth_userpass file using link Account authentication in Process Manager (ibm.com)

 

But now when tried to restart jadmin was unable to make :

sagar2_0-1612517682540.png

Even tried stating up Egosh services :

sagar2_1-1612519259172.png

 

Not sure on how this took place, using Admin /Lsfadmin credential unable to logon to flow manager as well.

0 Likes
gwootton
SAS Super FREQ gwootton
SAS Super FREQ

Re: Unable to Schedule job in SMC after SAS GRID server Authentication changed from SSSD to Winbind

Posted 02-05-2021 09:31 AM (1351 views)  |   In reply to sagar2
The link provided is a bit confusing as steps 1 and 2 are the two ways you can create eauth_userpass, so those are either/or not both.

As far as how to start process manager when it's configured as an ego service, as the output mentions this is not done using jadmin but using egosh. The command egosh service list would give you the name of the service and whether or not it is already running. Perhaps ProcessManager instead of processmanager?

If Process Manager is not running I would not expect you to be able to log in to Flow Manager with any user ID.
--
Greg Wootton | Principal Systems Technical Support Engineer
sagar2
Fluorite | Level 6 sagar2
Fluorite | Level 6

Re: Unable to Schedule job in SMC after SAS GRID server Authentication changed from SSSD to Winbind

Posted 02-08-2021 06:13 AM (1309 views)  |   In reply to gwootton
Wonderful!! It worked for me :),
It was with name PM in service list.
thanks a lot

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Watch Get Started with SAS Information Catalog in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 6 replies
  • ‎02-03-2021 06:28 AM
  • 1544 views
  • 5 likes
  • 2 in conversation