- 04-05-2012 #1 Just Joined!
- Join Date: Sep 2009
- Posts: 4
having authentication problems on DMZ servers - Likewise Open
We recently rolled out Likewise Open in our environment to address the need to authenticate our Linux servers against Active Directory (AD). We were previously accomplishing this using the pam_smb module, but after we updated our Domain Controllers to Windows 2008, several users were experiencing problems logging into RHEL servers with their AD credentials.
Long story short - we rolled out Likewise Open, which allowed us to make all of our RHEL3/4/5 servers join our Active Directory domain with a very high success rate.
However, now we have a handful of systems residing in the DMZ that are experiencing intermittent problems authenticating users, whether they are local accounts like root or network accounts from AD. The servers will respond to ping but we cannot SSH to them or even log in from the console. This happens every other day and the only fix we have so far is to reboot the system, only to see the problem return within a short amount of time.
When I look in the /var/log/secure log file, I see the following error appear:
sshd[6843]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
After searching through the almighty Google - I see references to IPv6 being the culprit, but I have gone through all of the steps to disable IPv6 and the problem still persists.
Does anyone have any experience with this kind of problem?
- 04-05-2012 #2
For fun, let's take a look at your system with the issues. Run the following and post the output:
Code:
lsof -i :22
If you do not have lsof installed, try the following:
Code:
netstat -a | grep LISTEN | grep :ssh
- 04-05-2012 #3 Just Joined!
- Join Date: Sep 2009
- Posts: 4
Here's the output:
[root@hostnamebin]# lsof -i :22
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
sshd 6307 root 3u IPv6 49988 TCP hostname:ssh->IP Address:47492 (ESTABLISHED)
sshd 6310 hb19867 3u IPv6 49988 TCP hostname:ssh->->IP Address:47492 (ESTABLISHED)
sshd 6540 root 3u IPv6 51410 TCP *:ssh (LISTEN)
[root@hostname bin]# netstat -a |grep LISTEN|grep :ssh
tcp 0 0 *:ssh *:* LISTEN
- 04-05-2012 #4 Just Joined!
- Join Date: Sep 2009
- Posts: 4
Not sure if this will help right now or not since this is one of those times I can actually get into the server :-/
- 04-05-2012 #5
Here is your problem. It tells you that port 22 is bound to IPv6. If you are not using IPv6 you should shut it totally off.
Edit /etc/sysconfig/network and make sure that IPv6 is set to NO:
Code:
NETWORKING_IPV6=no
Edit /etc/modprobe.conf and add these lines:
Code:
alias net-pf-10 off
alias ipv6 off
Stop the IPv6 firewall from starting on boot:
Code:
chkconfig ip6tables off
Stop the ip6tables service:
Code:
service ip6tables stop
If the server is local to you, restart network services:
Code:
service network restart
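
The steps above can be checked in one pass with the script below, an added example that is not part of any post in this thread: it confirms each IPv6-disable setting is in place and reports whether `lsof -i :22` still shows an IPv6-type listener. The function names are hypothetical; the file paths and commands are the ones the thread uses.

```shell
#!/bin/sh
# Added example (not from the thread): audit the IPv6-disable steps from post #5.
# Function names are hypothetical; default paths are the RHEL files the post names.

# 0 if FILE sets NETWORKING_IPV6=no on an uncommented line.
check_network_file() {
    grep -Eq '^[[:space:]]*NETWORKING_IPV6="?[Nn][Oo]"?[[:space:]]*$' "$1" 2>/dev/null
}

# 0 if FILE has an uncommented "alias NAME off" line.
has_alias_off() {
    grep -Eq "^[[:space:]]*alias[[:space:]]+$2[[:space:]]+off[[:space:]]*\$" "$1" 2>/dev/null
}

# 0 only if both module aliases from the post are present.
check_modprobe_file() {
    has_alias_off "$1" net-pf-10 && has_alias_off "$1" ipv6
}

# Reads `chkconfig --list ip6tables` output on stdin; 0 if no runlevel is "on".
ip6tables_off_at_boot() {
    ! grep -q ':on'
}

# Reads `lsof -i :22` output on stdin; 0 if a LISTEN socket has TYPE IPv6
# (TYPE is column 5 in the output format shown in post #3).
ipv6_listener_present() {
    awk '$5 == "IPv6" && $NF == "(LISTEN)" { found = 1 } END { exit !found }'
}

# Report every step that is not in place; return 1 if any setting is missing.
audit_ipv6_disable() {
    net=${1:-/etc/sysconfig/network}
    mod=${2:-/etc/modprobe.conf}
    rc=0
    check_network_file "$net" || { echo "MISSING: NETWORKING_IPV6=no in $net"; rc=1; }
    check_modprobe_file "$mod" || { echo "MISSING: ipv6 alias lines in $mod"; rc=1; }
    if command -v chkconfig >/dev/null 2>&1; then
        chkconfig --list ip6tables 2>/dev/null | ip6tables_off_at_boot ||
            { echo "ENABLED: ip6tables still starts on boot"; rc=1; }
    fi
    if command -v lsof >/dev/null 2>&1; then
        lsof -i :22 2>/dev/null | ipv6_listener_present &&
            echo "NOTE: sshd still has an IPv6-type listener on port 22"
    fi
    return $rc
}
```

Source the file as root on the affected server and run `audit_ipv6_disable`; pass two file paths as arguments to check copies of the configuration files instead of the live ones.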