Kategorie
Product Version
Topic
Subtopic
How do you define a server from a licensing perspective? (4285189)
there needs to be a server license. ... All servers in an environment where some user could potentially log in, and execute QAS code, must be licensed individually. ... This usually corresponds to a computer object in Active Directory (AD).</p>
Is there a command for checking if the client is working properly? (4295274)
Yes there is a command for checking if the client is working properly. ... <br><br>Please read <a href="https://support.quest.com/authentication-services/kb/60765" title="KB 60765" target="_blank">How to monitor the health of the Authentication Services client?</a>
Can I install multiple Authentication Services' licenses? (4285139)
Yes, multiple licenses can be installed. ... Each valid, unexpired license will be calculated towards the license count.
6.1 upgrade GLIBC_2.25' not found (required by /opt/quest/lib64/libvas.so.4) (4378315)
Included in version 6.1 of Safeguard Authentication Services a build with Control-flow Enforcement Technology (CET) enabled for Linux x86_64 architecture. ... This package is only for RHEL 8 and later.
Can Safeguard Authentication Services (SAS) use LDAPS rather than LDAP? (4255867)
LDAPS (Port 636) is not supported. ... Our LDAP traffic is secured via GSS-API. ... For more details please read the following KB by clicking the link: ... How does Quest Authentication Services encrypt data?
Deprecated options in vas.conf (4378176)
Can be removed. ... 2) [vasd] workstation-mode-group-do-member = <boolean> ... Deprecated, true by default, no longer needed, can be removed.
How to enable vasd debug to capture more information (4263684)
Below are the steps for enabling vasd debug to capture more information about what is happening. ... 2. Configure the System Logger configuration file for the operating system to capture debug. ... The name of the file, location, and setting may vary.
Safeguard Authentication Services has two version paths: Feature Release (FR) and Long-Term Support (LTS). (4378084)
LTS versions are incremented as 6.0.x. ... Each release will contain fixes for defects only. ... No new features are added to LTS. ... Feature versions are incremented as 6.x.0. ... For example 6.1.0, 6.2.0.
New License requirement for Safeguard Authentication Services 6.1 (4378076)
Starting from Safeguard Authentication Services version 6.1 a new license is required to be installed post upgrade or install. ... Please review the steps in the resolution section below to upgrade your license.
Account locked - Too many incorrect password attempts / User account has expired (4377659)
sshd[19727798]: error: PAM: User account has expired for user1 from 10.10.10.10 ... The attempts to access the account that are triggering the account to be locked are not coming through SAS. ... The expired message is also coming from AD.
SPN error messages in status output after a join when DNS does not match Kerberos Realm (4373150)
WARNING: Did not find keytab SPN <host/host001.prod.domain.com> in list of AD SPNs <as/HOST001 host/HOST001 > WARNING: 503 host.keytab has SPN entries that are not in AD. ... --------------------------
Manually setting up QAS for oneway trusts (4255888)
Manually setting up QAS for oneway trusts. ... How do I configure QAS to for a oneway trust? ... Other than the AD trust, two things need to be done on the QAS clients: ... 1- A user/service account in the trusted domain.
Several minutes after setting up Quest on a server the vas.conf gets overwritten (4284086)
After setting up a QAS server, the vas.conf settings change. ... The VAS Configuration settings in Group Policy can apply single line edits to the vas.conf. ... Any VAS Configuration setting in AD will add or overwrite that particular line in vas.conf, but any settings left empty will have no effect.
LTS release vs Feature release versioning (4377510)
In the version number, a number other than zero in the second spot means it's FR or non-LTS, if the second spot is zero then it's an LTS ... LTS will always be ... 6.0.# ... 6.2 ... However, this is the usual case for SAS and SSB, this can be different for other products.
vascert trigger error Failed: Cannot create directory '/var/opt/quest/vascert/vascert.jar' (4377534)
Create a file called .machinetrigger in the /var/opt/quest/vascert/ directory. ... touch /var/opt/quest/vascert/.machinetrigger ... Then run the vascert trigger command: ... [root@test bin]# ./vascert trigger
Microsoft Windows Server 2025 Support (4377528)
Support for the Windows 2025 Server is being investigated. ... The SAS change request number for tracking is 469497.
The vastool status reports INFO: SELinux enabled vasd policy is NOT installed. (4290605)
The /opt/quest/bin/vastool status command reports INFO: SELinux enabled vasd policy is NOT installed.
Unable to load GSS-API DLL - SSO for SAP (4377339)
When installing SAP GUI 800 on a system installed with QAS SSO for SAP shows the following error on 64bit Operating Systems: ... This occurred because previous versions of the GUI were only available for 32-bit systems.
Time synchronization error: ""VAS_ERR_KRB5: System time out of sync with AD. Clock Skew too great. (4264601)
You receive a time synchronization error when logging in to a server. ... FAILURE: 303 VAS is not in time sync with the AD controller it is contacting. ... vasd will operate as a time synchronization agent for the Unix host if no other process is using the NTP port (123).
The QAS Control Center is crashing on startup. (4273163)
When starting the QAS Control Center it crashes even after reinstalling. ... This is caused by a corrupt installation of .NET framework SP1 ... TROUBLESHOOTING: ... If the above does not resolve this issue please debug will need to be enable for further analysis:
Upgrading Active Roles Server (ARS) with an older version of Safeguard Authentication Services (SAS) present (4376901)
Upgrading SAS to a supported version ensures compatibility and proper functionality with the new version of ARS. ... <p><br><strong>Understanding the Relationship Between ARS and SAS</strong></p>
Getent search with <gidNumber> only returns results if groups are already cached (4376338)
The getent group <gid> operating system command only returns results if the groups are already cached. ... for a group that isn’t in the local cache, it reaches out to AD and pulls the group name and <strong>gidNumber</strong>.<br><br>If we use <strong>getent group <gid></strong> for a group that isn’t in the cache, it doesn’t return results.<br><br>Examples:</p>
Does SAS have TLS version dependencies? (4376317)
Internal requirement is to disable the TLSx.x version, and only use TLS.x.x for LDAP. ... </p>
Does Safeguard Authentication Services support FAST / Kerberos Armoring? (4376362)
There is an enhancement request open for this functionality.<br>The ER number for reference is 258081 (Support Kerberos armoring / FAST)<br>At the time of this writing, July 11th, 2024 support does not have an ETA.
Is Authentication Services build with CET enabled (4376192)
CET can protect both applications and the kernel. ... CET introduces shadow stack and indirect branch tracking (IBT).
Neue Produktverknüpfung
- Self-Service-Tools
- Knowledge Base
- Benachrichtigungen und Warnmeldungen
- Produkt-Support
- Software-Downloads
- Technische Dokumentationen
- Benutzerforen
- Videoanleitungen
- RSS Feed
- Ausgewählte Inhalte
- Error message during join
- Failed to Validate - Out of Range when opening Control Center or using the Unix Tab
- User Cannot Login Troubleshooting
- Support Technical Training
- Kontakt
- Technische Support
- Alle anzeigen