Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

udom - Permission Denied any account - System Platform inaccessible 1

Status
Not open for further replies.
LDantalion

LDantalion

IS-IT--Management
Mar 22, 2013
17
HN
Hello folks.

Wondering if anybody has seen a similar situation that possibly could help me.

S8700 dup servers. Both on 6.3

One of the servers' (now the inactive) system platform is unreachable. I have tried the following:

Resetting the admin account password (pam_tally.....)
Changing the admin account password
restarting LDAP services
Accesing cdom through the xm console command on Xen
Restarting the virtual machine for CDOM through Xen
Rebooting the server

In all instances, I cannot even use root to access the cdom/system platform. The only account that "works" is the admin with the new password I just reset, but when I try to SSH to the cdom IP, or https to the cdom IP using the admin password, it takes a while to attempt the login and the outcome is always: "permission denied" or it just times out. At the System Platform webpage it just shows "login failed." Doing the "XM console udom" also times out.

I already read a lot of the threads on this and other forums, and I am not sure what else to try at this point. Thanks for any kind of help
 
Sort by date Sort by votes
Short answer - as root on dom0, do a /usr/sbin/slapd_db_recover -v -h /var/lib/ldap, then restart ldap

Long answer - lookup on support.avaya.com KB article SOLN254619
 
Upvote 0 Downvote
Thanks for your reply @kyle555
Unfortunately, just tried that and it completes the recovery process and the LDAP reinit just fine, but it did not work. My login attempts time out when trying to SSH into the cdom IP or going through the web interface.
 
Upvote 0 Downvote
There's always been bugs with LDAP and the way dom0 and cdom sync up user accounts. Maybe check your specific system platform version. If you're under maintenance, maybe Avaya can ASG in there and fix it for you without a reload.
 
Upvote 0 Downvote
Thanks again @kyle555.
Unfortunately, we are not under maintenance. Trying to get there ($$4) but not sure how soon. That's why I was trying to see any other ways to fix this in the meantime.
 
Upvote 0 Downvote
You know, if you interchange away from that server in the duplex being inactive, it isn't more than a couple of hours to reinstall it... You've probably already spent more time than that up to this point!
 
Upvote 0 Downvote
@kyle555 I am really a newbie on this, but is there any kind of document that shows me how to "reinstall it." I guess by this you mean reinstalling the system platform? Can the system platform be reinstalled without affecting the CM on that same server? or would I be doing some kind of full server reinstall? Maybe these are stupid questions, but again, I am a newbie here. What do I need as far as software and hardware to do this? Thank you very much for any leads you can provide. You have been very helpful so far.
 
Upvote 0 Downvote
No worries.

If you're not sure, then you probably shouldn't!

But yes, you'd reinstall System Platform - which is like VMWare, but based on Linux's Xen hypervisor - that would wipe out the server. Then you'd install the CM Duplex virtual machine on it.

That CM Duplex vm is made to be connected via crossover cable to another serve running the same thing - which is you current production server. They are configured to speak to one another and run a single software instance of the call processing software. Each has its own IP, and there is a virtual IP that the active assumes.

There's some planning involved, but a competent installer could reinstall one server in a pair in rather short order. Lookup the install guides if you're interested!
 
Upvote 0 Downvote
*there's also a customer account - usually "cust" set up when System Platform is installed. I've been able to get in with that sometimes when admin doesn't work. Might even help you get a backup out of it too.
 
Upvote 0 Downvote
Similar subject.. I can't access cdom or sdom with any accounts from web or SSH, but CM is accessible. Would connecting directly to the 8300 services port allow access?
 
Upvote 0 Downvote
The services port wouldn't change all that much to be honest. Work the ldap corruption angle in the support note above. You can always login as a non-root account to dom0, su to root, "xm console udom" and login as root directly on cdom's virtual console - not that that'll do much for you.
 
Upvote 0 Downvote
@kyle555 thank you very much again.

I just will not mess with it, as I have not done it previously. I guess my best bet is to wait until we get Avaya support, but thanks a lot for the info as this might push us to get the support squared away ASAP. We tried the cust account also, which worked last time this happened, but no luck this time. Thanks again for your help!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Samfiller
  • Locked
  • Question
Avaya Definity Platform Port Pin outs
Replies
3
Views
166
AvayaTier3
AvayaTier3
TBUCEngineer
  • Locked
  • Question
Avaya Aura 6.3 System Platform Security Certificates
Replies
7
Views
341
jimbojimbo
jimbojimbo
glmyers
  • Locked
  • Question
Call Management System CMS
Replies
1
Views
256
avAyATEKky
avAyATEKky
Faisal Raza
  • Question
Avaya Aura System Manager v10. Active Directory CA deployment issue
Replies
6
Views
446
Faisal Raza
Faisal Raza
wallot
  • Question
Rest System 4 not Showing on a New CM 10.2
Replies
4
Views
453
bignose21
bignose21

Part and Inventory Search

Sponsor

Back
Top