KB-0235: Unable to log in as Active Directory user when /var is full
Problem:
No or little space in /var directory prevents Active Directory users from logging into a Centrify-enabled machine.
Cause:
Lack of space or a full disk or directory may be caused by files in those directories getting too large, including the cache files used by Centrify DirectControl.
Resolution:
If this situation arises, Centrify recommends logging in as root and doing the following command: adflush ...This will flush the Centrify cache and make room in /var, and AD users should be able to log in. Centrify then recommends freeing or making additional space in the /var directory.
Note: If you are using a root account that is mapped to Active Directory for the zone that this machine is in, use "root@localhost" and your local root password to access the machine if you are unable to log in as any AD user.
If you are not using a root account that is mapped to Active Directory (i.e. root_default), please edit /etc/centrifydc/centrifydc.conf and comment out the line: pam.mapuser.root: root_$ZONE ...Which will continue to allow the local root account to have local access to the machine in this situation.