On further troubleshooting, we have identified the following in our logs on the active node:
-0600 f_ssh_server a_general_area t_error p_major
pid: 71162 logid: 0
cmd: 'sshd' hostname: hostnameoffirewall
to get message from warder, result=0
This does not exist on our standby node.
We have also completely removed the LDAP authenticator and re-added it. LDAP auth still fails on the active node and passes on the standby node.
Found a solution to this:
Validate that the LDAP warder exists in the authenticator.conf file:
Should look something like:
authenticator(ldap /usr/libexec/ldapw config_file directory[/var/run/authenticator/ldap] env(domain[ldpw] user group core files memory processes stack rss)
pidfile(/var/run/authenticator/ldap/ldapw.pid lock) valid[yes] enabled[on] args[-c /etc/sidewinder/authenticator/ldap.conf] service_name[ldapw] failure_event[SERVICE_FAILURE])
Gather the PID number of daemond using the following command:
Reloaded the authenticator.conf (/secureos/etc/warder/authenticator.conf) file by restarting the daemond process using the command:
kill -HUP <pid ID of daemond>
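The validation step above can be scripted so the same check runs on both the active and the standby node. This is an added example, not part of the original post or the vendor's tooling; the function names check_ldap_warder and sample_entry are hypothetical, and it assumes every entry starts with "authenticator(<name> " as in the sample shown in the post.

```shell
#!/bin/sh
# Added example: report whether the "ldap" authenticator entry is present,
# valid[yes] and enabled[on]. Assumes the entry layout shown in the post.

check_ldap_warder() {
    conf="$1"
    [ -r "$conf" ] || { echo "unreadable"; return 2; }
    # Entries may wrap across lines: join them, then cut out only the text
    # from "authenticator(ldap " up to the next "authenticator(" (or EOF),
    # so flags belonging to other authenticators are not counted.
    entry=$(tr '\n' ' ' < "$conf" | awk '{
        n = index($0, "authenticator(ldap ")
        if (n == 0) exit
        rest = substr($0, n)
        m = index(substr(rest, 2), "authenticator(")
        if (m > 0) rest = substr(rest, 1, m)
        print rest
    }')
    if [ -z "$entry" ]; then echo "missing"; return 1; fi
    case "$entry" in *"valid[yes]"*) ;; *) echo "invalid"; return 1 ;; esac
    case "$entry" in *"enabled[on]"*) ;; *) echo "disabled"; return 1 ;; esac
    echo "ok"
}

# Sample input: the entry quoted in the post, used when no file is given.
sample_entry() {
    cat <<'EOF'
authenticator(ldap /usr/libexec/ldapw config_file directory[/var/run/authenticator/ldap] env(domain[ldpw] user group core files memory processes stack rss)
pidfile(/var/run/authenticator/ldap/ldapw.pid lock) valid[yes] enabled[on] args[-c /etc/sidewinder/authenticator/ldap.conf] service_name[ldapw] failure_event[SERVICE_FAILURE])
EOF
}

# Usage: sh check.sh /secureos/etc/warder/authenticator.conf
if [ "$#" -gt 0 ]; then
    check_ldap_warder "$1"
else
    demo=$(mktemp)
    sample_entry > "$demo"
    check_ldap_warder "$demo"
    rm -f "$demo"
fi
```

Running it on each node and comparing the one-word result shows whether the active node's entry is missing or switched off before daemond is sent the HUP signal.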