
Can't get uid with ls -l (nss_ldap / ldap auth)



Hi all,

I have been working on this the whole afternoon now and I give up, I need
your help. I have set up an openldap server under Red Hat 7.2 with the
(updated) rpms (v2.0.21-1). The server is working correctly, I can add/modify
and delete whatever I want. On the other box (client) I am running Red Hat
7.0 with the following RPMs:
openldap-2.0.21-0.7.1
nss_ldap-149-4
openldap12-1.2.12-3 (needed for pine, sendmail)

Now I have taken the easy way and used authconfig from Red Hat in order to
set up the nss_ldap module. Everything seems to be correct; here are the
config values:

/etc/nsswitch.conf:
passwd:     files ldap
shadow:     files ldap
group:      files ldap

/etc/ldap.conf:
host ldap.foo.org
base dc=foo,dc=org

As far as I have understood nss, I don't need the ldap auth or the pam files
for now (but they already contain the pam_ldap.so).

Now my tests:
[root@knuth /home]# chown ldaptest a
chown: ldaptest: invalid user
[root@knuth /home]# chown 599 a
[root@knuth /home]# ls -l a
-rw-r--r--    1 599      599             0 Mar 25 21:02 a
[root@knuth /home]#

A tcpdump on another console on the client (knuth) says that exactly the
correct data (ldaptest/uidNumber599) is requested and received. Yes,
received. So I think the request is correct, the ldap server is responding
and I get a correct answer. But my system simply doesn't use this answer. I
have used nscd, I have disabled it, no effect. Here is the answer I get from
the client with ldapsearch:

[root@knuth /home]# ldapsearch -H ldaps://ldap.foo.org/ -b 'dc=foo,dc=org' '(uid=ldaptest)' -x
version: 2
#
# filter: (uid=ldaptest)
# requesting: ALL
#
# ldaptest, People, foo, org
dn: uid=ldaptest,ou=People,dc=foo,dc=org
uid: ldaptest
objectClass: account
objectClass: posixAccount
objectClass: top
loginShell: /bin/bash
uidNumber: 599
gidNumber: 599
homeDirectory: /home/ldap

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

Do you have any help or hints for me?

Best regards Markus
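
Added example, not part of the original message: a small Python check that parses the ldapsearch output quoted above and compares it with the attributes RFC 2307 requires on a posixAccount entry. The function names are illustrative, and the check only reports what the search returned; it does not query NSS or the server.

```python
# Added example: compare an ldapsearch result with RFC 2307 posixAccount.
import base64
import re

# RFC 2307 posixAccount MUST attributes (lower-cased for comparison).
POSIX_MUST = ("cn", "uid", "uidnumber", "gidnumber", "homedirectory")

# The entry from the message above, as returned by the anonymous (-x) search.
SAMPLE_LDIF = """\
# ldaptest, People, foo, org
dn: uid=ldaptest,ou=People,dc=foo,dc=org
uid: ldaptest
objectClass: account
objectClass: posixAccount
objectClass: top
loginShell: /bin/bash
uidNumber: 599
gidNumber: 599
homeDirectory: /home/ldap
"""

def parse_ldif_entry(text):
    """Parse one LDIF entry into {attr_lowercase: [values]}, skipping comments."""
    entry = {}
    # Unfold continuation lines (a newline followed by a single space).
    for line in re.sub(r"\n ", "", text).splitlines():
        attr, sep, value = line.partition(":")
        if not sep or line.startswith("#"):
            continue
        if value.startswith(":"):  # "attr:: <base64>" form
            value = base64.b64decode(value[1:].strip()).decode(errors="replace")
        entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def check_posix_account(entry):
    """Return the ways the entry falls short of RFC 2307 posixAccount."""
    problems = []
    if "posixaccount" not in [c.lower() for c in entry.get("objectclass", [])]:
        problems.append("objectClass posixAccount missing")
    problems += [f"required attribute not returned: {a}"
                 for a in POSIX_MUST if a not in entry]
    for attr in ("uidnumber", "gidnumber"):
        problems += [f"{attr} is not numeric: {v!r}"
                     for v in entry.get(attr, []) if not v.isdigit()]
    return problems

if __name__ == "__main__":
    found = check_posix_account(parse_ldif_entry(SAMPLE_LDIF))
    print("\n".join(found) if found else "entry matches posixAccount MUST list")
```

An attribute can be absent from an anonymous search result because of server access controls, so anything this reports is a lead to confirm with an authenticated search rather than a conclusion.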