Skip to main content

Troubleshooting

  • Connectivity:

    Verify that you can connect from the Bravura Security Fabric server to the listener on the Unix server by typing from a command prompt on the Bravura Security Fabric server:

    telnet <servername> <port-number>

    (for example, telnet unix1 905 )

    The screen may appear blank, because there is no handshake response. As long as you get no errors, this is OK.

    If this fails:

    • Check the host name: You should be able to ping the Unix server, and probably also to Telnet to it.

    • Compare the port number in the /etc/services file on the Unix server against the one on the Bravura Security Fabric server.

    • Verify that /etc/services and /etc/inetd.conf on the Unix server contain entries for the Bravura Security Fabric Unix listener.

    • Verify that the inetd daemon on the Unix server is running, and has received a HUP signal (kill -1 pid).

    • Verify that the correct Unix listener binary was installed in /usr/local/psunix/<instance>, by trying to run it from a Unix shell prompt. If you get a password-listener prompt, then all is well.

  • Passwords:

    Verify that the psadmin account has been defined on the Unix server, that it is a local account, and that the same password has been entered for it on both the Unix server and the Bravura Security Fabric server.

    If the Change and expire function fails, you may need to upgrade the Unix listener. Please contact support@bravurasecurity.com for more information.

    If password expiry functions fail, ensure that shadow passwords are enabled.

  • User names:

    Ensure that user names on the Unix target system are composed of valid characters only. Although it is possible to create user names with special characters, some combinations are invalid in Unix (refer to your Unix system documentation to learn about creating valid user names).

    It is strongly recommended that user names do not contain meta-characters, these characters often have special meaning and may not produce expected results when processed by the command line shell (such as the # character which is often used to begin a comment).

    Note

    If a password reset is attempted on an invalid user name in Unix, the password reset will not succeed.

  • Inetd:

    Verify that the inetd server is installed and running, that the /etc/inetd.conf and /etc/services files are updated to include entries for Bravura Security Fabric , and that the service is listening for connections on the appropriate port.

  • Permissions:

    Check that Bravura Security Fabric is configured to run as root in /etc/inetd.conf, so that the Unix listener can perform operations.

  • Key match:

    Verify that the comm-key in the psunix-config section of the /etc/psunix.cfg configuration file matches the key on the Bravura Security Fabric server, to ensure matching encrypted communication between the Bravura Security Fabric server and the Unix server.

    Note

    It is possible to have mismatched versions of the Bravura Security Fabric server and the Unix server. They will negotiate the key length and default to the shortest communication key. In this case, ensure that the first 128 bytes of the key are the same on both servers.

In this section: