Hi
RedHat EL6.x
Centrify
xrdp [RedHat 0.5.0 rpm]
We have several RedHat EL6.x machines that are using a third party tool called Centrify to associate Linux Auth to a Windows AD. We have a custom PAM module that works in the PAM "session" sphere to add near real time user account login/out events to a DB.
We have found a couple of issues:
1) the default /etc/pam.d/xrdp-sesman file seems to be useless for AD integration. using the "sshd" pam.d file contents seems to work.
2) the login/out tracking PAM module mentioned above has been working with sshd for at least a full year. Its PAM config line looks like: "session optional pam_loginTracker.so".
2.A) something about glibc, libmysqlclient and xrdp causes xrdp to seg fault when a MySQL statement handle is "finished". I can comment out the "finish" and the seg fault goes away but that doesn't seem to encourage good programming style.
2.B) after commenting out the offending mysql "finish" and re-running the xrdp session the xrdp "status panel" on the client machine reports an unidentified error and the session is not completed. No errors are reported in the xrdp log file. I have noticed that there is text in the status panel that does not "wrap" and "over flows" the panel border. The text can not be selected or I would include it here.
3) the interaction with "chkconfig", /etc/init.d/... seems a bit fragile. Starting and stoping the daemons doesn't always work.
