08-02-2021 12:49 PM
Hello,
I don't understand why I'm seeing a set of errors whenever an admin logs into a Nexus 9k switch (login/role association works properly). Here's an example from a single login:
2021 Aug 2 18:10:54.742 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc passwd.21457 IN_CREATE) - incrond[28116] 2021 Aug 2 18:10:54.742 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc passwd.21457 IN_MODIFY) - incrond[28116] 2021 Aug 2 18:10:54.742 csw-02 %AUTHPRIV-3-SYSTEM_MSG: change user 'datw' password - usermod[21457] 2021 Aug 2 18:10:54.742 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc passwd.lock IN_CREATE) - incrond[28116] 2021 Aug 2 18:10:54.742 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc passwd.21457 IN_DELETE) - incrond[28116] 2021 Aug 2 18:10:54.742 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc shadow.21457 IN_CREATE) - incrond[28116] 2021 Aug 2 18:10:54.742 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc shadow.21457 IN_MODIFY) - incrond[28116] 2021 Aug 2 18:10:54.742 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc shadow.lock IN_CREATE) - incrond[28116] 2021 Aug 2 18:10:54.742 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc shadow.21457 IN_DELETE) - incrond[28116] 2021 Aug 2 18:10:54.742 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc group.21457 IN_CREATE) - incrond[28116] 2021 Aug 2 18:10:54.742 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc group.21457 IN_MODIFY) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc group.lock IN_CREATE) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc group.21457 IN_DELETE) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc passwd- IN_MODIFY) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc passwd- IN_ATTRIB) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc passwd+ IN_CREATE) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc passwd+ IN_ATTRIB) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc passwd+ IN_MODIFY) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc passwd IN_MOVED_TO) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc shadow- IN_MODIFY) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc shadow- IN_ATTRIB) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc shadow+ IN_CREATE) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc shadow+ IN_ATTRIB) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc shadow+ IN_MODIFY) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc shadow IN_MOVED_TO) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc group.lock IN_DELETE) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc shadow.lock IN_DELETE) - incrond[28116] 2021 Aug 2 18:10:54.743 csw-02 %CRON-3-SYSTEM_MSG: (system::watch.conf) CMD (/isan/bin/etc_persist_ha_sync.sh /etc passwd.lock IN_DELETE) - incrond[28116]
I'm not certain if this is being caused by our AAA configuration, but I haven't found anything that would indicate why I'm seeing this issue.
ip tacacs source-interface Vlan948 tacacs-server timeout 3 tacacs-server deadtime 10 tacacs-server host 10.0.0.1 key 7 <key> tacacs-server host 172.16.0.1 key 7 <key> aaa group server tacacs+ ISE-SERVER-GROUP server 172.16.0.1 server 10.0.0.1 aaa authentication login default group ISE-SERVER-GROUP aaa authentication login console local aaa authorization config-commands default group ISE-SERVER-GROUP local aaa authorization commands default group ISE-SERVER-GROUP local aaa accounting default group ISE-SERVER-GROUP
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide