search cancel

Active Directory connection problems and UNAB restart


Article ID: 214557


Updated On:


CA Privileged Access Manager - Server Control (PAMSC) CA Privileged Identity Management Endpoint (PIM)



Question : Is it normal that UNAB will automatically restart following failure to communicate with AD? 




Release : 14.1

UNAB version is but happens in all versions, seen in   


On UNAB operation, we found on a couple of machines that following a connection problem vs Active Directory UNAB performs a restart.

Following you can see some row of  "uxauth" grep in the log /var/log/messages:

May  6 03:02:17 machinename uxauthd[15284]: No connection to domain 'domainname', watcher thread started.
May  6 03:05:16 machinename uxauthd[15284]: Critical problem to access Active Directory.
May  6 03:05:16 machinename uxauthd[15284]: Agent auto restart now.
May  6 03:05:16 machinename uxauthd[15284]: Executed command '(sleep 3; /opt/CA/uxauth/lbin/ restart)&', return code = 0.
May  6 03:05:23 machinename systemd: Stopping CA Technologies UNAB daemon (uxauthd)...




Answer: The restart is the method that unab agent has to resolve agent problems in general (e.g., agent's memory leak, lack of DC connectivity, etc.).   
You can work around the problem by putting those bad DCs on the ignore_dc_list token.   Unless that is done by the way, you can experience login delays when one of those bad DCs is picked up for servicing a login.