Job on Linux agent failing with exit code -655 when using domain user

Document ID : KB000077130
Last Modified Date : 12/04/2018
Show Technical Document Details
Issue:
When using a domain user (from LDAP/Active Directory) as job owner to execute a job on Linux agent, the job fails with exit code -655 and error "Owner attribute error. User does not exist in the system". However, we are able to logon (ssh) to the Linux agent host as that user.
Environment:
CA WA System Agent  (32bit ) 11.3.x, 11.4 on Linux.
LINUX system configured with System Security Service Daemon (SSSD) or Winbind (Samba suite) or similar utilities to retrieve and authenticate user  from LDAP/Active Directory.
Job owner is in the Active Directory or LDAP.
Cause:
The LINUX host where the job fails is missing 32bit SSSD or Winbind libraries. CA WA System Agent 32bit requires 32bit PAM libraries from SSSD or Winbind to authenticate the external domain user.
Resolution:
Install 32bit PAM libraries for SSSD or Winbind and update the LD_LIBRARY_PATH in the /etc/profile to include the path where the 32bit libraries (default is /lib/) are installed.
Example:
RHEL
# rpm -qa | egrep sssd-client.*\.i[0-9]{3}$
sssd-client-1.9.2-129.el6.i686

SuSE
# rpm -qa | grep sssd-32bit
sssd-32bit-1.9.4-0.12.24

Alternatively, one can install CA WA System Agent 64bit which would then use the existing 64bit PAM libraries of SSSD or Winbind.
 
Additional Information:
Why do we see errors: "CAUAJM_W_10559 Unable to set groups: Success" and "CAUAJM_E_10106 Failed to determine currently logged in user."