AD users have been correctly provisioned to have a role profile and a role assignment using the Centrify Access Manager console. But now the users cannot login to HP-UX systems in the zone. Other platforms can be logged into with no issue. The error message says "server unexpectedly closed network connection" during a login attempt through PuTTy.
Following troubleshooting has been performed:
- Output of the "adquery user -A <username>" shows as "zoneEnabled:true."
- Output of dzinfo shows the user has a "Unix-Login" role.
- adflush -f has been run.
- adclient has been restarted (typically not necessary)
- adleave/adjoin has been performed (also typically not necessary)
A review of the Centrify addebug logs do not show much useful information either.Cause:
Research from the following HP website reveals that usernames must be 8 characters or less:https://community.hpe.com/t5/System-Administration/HPUX-UserID-Length-Limit/td-p/5070001#.X8rWSmhKiUk
The "man 4 passwd" page for 11.23 says:
The following fields have size limitations as noted:
Login name field can be no longer than 8 characters
On HP-UX systems, keep the username (this includes AD usernames) limited to 8 characters or less. Longer usernames can be enabled but it is not recommended by HP.