
Re: OPENLDAP ACL problems..

Hi Adam,

Thanks a lot for replying. I am sorry I completely missed out the
nsswitch.conf part. The passwd and group entries look like:

	passwd:	files ldap
	group:	files ldap
	shadow:	files ldap

In fact, without the passwd entries set up correctly the login itself
would not have succeeded.



On Mon, 5 Aug 2002, Adam Williams wrote:

> >I am sorry if this topic is off target in this august group. I am posting
> >this here because I could not get the answers in the archives and I did
> >not get any help in pam_ldap group also.
> >What I am after:
> > 	I am trying to replace NIS with LDAP.
> > Environment:
> > 	RedHat 7.2, openldap-2.0.11
> > Problem:
> > 	I have set up PAM entries correctly so that I am able to log into
> > 	the system via ssh. Changing passwd (I saw many postings related
> > 	to this but it was not an issue for me) also works fine.
> >
> > 	The problem I face is that the system cannot map my uid and gid
> > 	to proper string values. Just after I login I get the message
> > 		id: cannot find name for user ID 50000
> > 	The value 50000 happens to be my userid defined in the LDAP
> > 	database.
> > Some Observations:
> > 	When I execute "getent passwd" as a normal user I don't succeed
> > 	but when root does the same, the LDAP users are shown properly.
> > 	My guess is that this is a problem in access control definitions.
> > 	I am enclosing /etc/openldap/slapd.conf and /etc/ldap.conf files
> > 	below.
> Sounds like an nss problem, not a pam one (as you did manage to sign
> in).  What do the user and group lines of /etc/nsswitch.conf look like?


| Ajit K. Jena              Phone : (Office) +91-22-5767751       |
| Computer Centre                            +91-22-5722545 x8750 |
| Indian Institute of Technology    (Home)   +91-22-5722545 x8068 |
| POWAI, Bombay                     Fax   :  +91-22-5723894       |
| PIN 400076, India                 Email :  ajit@cc.iitb.ac.in   |