Since the upgrade to 3.4.4 and 4.0, we cannot refresh our LDAP groups in PAM. This blocks new users from getting registered in and being able to use PAM.
Release : 4.0,4.1
Component : PRIVILEGED ACCESS MANAGEMENT
There was a subtle problem with the old VM instances that caused the LDAP importer Java process to crash while trying to load libraries, before executing any PAM-specific code. This was unique to the environment.
Replacing the old PAM instances with new ones based on the 4.0 OVA file resolved the problem.