I’m trying to run the command “adgpupdate” on MACs to update the AD Site info for Centrify. I have tried several was, but I still keep getting feedback in the logs like:
Command started - wait “/usr/bin/sudo -u root /bin/bash -c adgpupdate” (action:2093964)
Command failed (child exec() failed (errno is 2: No such file or directory) wait “/usr/bin/sudo -u root /bin/bash -c adgpupdate” (action:2093964)
I have had to do similar things in Linux to set the user environment to run commands like this, but the MAC is being stubborn.
My first attempt just tried running that command on its own oh, then I tried using bash to run the command and it still failed. I wasn’t sure if I had to run sudo to instantiate some environment variables to get the command to work. Running sudo in the past in Linux has worked for me.
I don’t maintain any Mac, sorry…but is it correct to doublequote the whole wait command line? I’d expect waithidden to treat that all as one big filename containing spaces, rather than as a command with parameters…
@JasonWalker, you were correct. Still can’t get this to work.
I did try several ways to run this command…
Command started - wait "sudo -u root adgpupdate" (action:2097610)
Command failed (child exec() failed (errno is 2: No such file or directory) wait "sudo -u root adgpupdate" (action:2097610)
Command started - wait adgpupdate (action:2097628)
Command failed (child exec() failed (errno is 2: No such file or directory) wait adgpupdate (action:2097628)
Command started - wait sudo -u root -c adgpupdate (action:2097629)
Command succeeded (Exit Code=1) wait sudo -u root -c adgpupdate (action:2097629)
Funny thing, whereis adgpupdate comes back with nothing. It’s like the command doesn’t exists. Or it’s some internal command. That’s why I’m trying to ‘sudo -u root’ the command. That’s the sort of thing I have had to do in the past in linux to make sure the user session is fully set. Session variables and all.
Or from Documentation Library maybe /usr/local/sbin ? (This link lists several of the default paths so it may be more useful as well)
When you complete the installation, the local computer will be updated with the following directories and files for Centrify:
This directory
Contains
/etc/centrifydc
The Centrify agent configuration file and the Kerberos configuration file.
/usr/local/share/centrifydc
Kerberos-related files and service library files used by the Centrify agent to enable group policy and authentication and authorization services.
/usr/local/sbin
/usr/bin
Command line programs to perform Active Directory tasks, such as join the domain and change a user password.
/var/centrifydc
No files until you join the domain. After you join the domain, several files are created in this directory to record information about the Active Directory domain the computer is joined to, the Active Directory site the computer is part of, and other details.
/System/Library/Frameworks/DirectoryService.framework/Resources/Plugins
The Centrify Directory Service Plugin, CentrifyDC.dsplug, that enables you to join or leave the domain using the graphical user interface.
I would’ve thought those last two would be in the default path though (besclient may not find it, but I’d at least think that ‘whereis’ would).
A lot of assumptions like $PATH being defined may not necessarily work from the BESAgent (since it’s not natively running under a shell). What surprises me is that ‘whereis’ didn’t find it either.
Again, it has been my experience of using something like wait “sudo -u root -c adgpupdate” would fix any path issues. Maybe that just doesn’t work on the MAC