
Configuring UNIX clients to retrieve user info from LDAP

Hi All,

Sorry for reposting the mail. This is a long-term problem for me. I am unable to retrieve user information from the LDAP server, which is a proxy to AD. The normal LDAP search (see the command below) gets me the data, but "getent passwd" only gets me local users from the passwd file.

ldapsearch -x -h ldapserver -LLL -b dc=internal,dc=phg,dc=com,dc=au

Is there any problem with my configuration? Thank you very much.

Here is my client configuration.


uri ldap://ldapserver.research.phg.com.au/
base dc=internal,dc=phg,dc=com,dc=au
scope sub
bind_timelimit 15
timelimit 15
ssl no
referrals no
nss_base_passwd dc=internal,dc=phg,dc=com,dc=au?sub
nss_base_shadow dc=internal,dc=phg,dc=com,dc=au?sub
nss_base_group dc=internal,dc=phg,dc=com,dc=au?sub?&(objectCategory=group)(gidnumber=*)

nss_map_objectclass posixAccount user
nss_map_objectclass shadowAccount user
nss_map_objectclass posixGroup group

nss_map_attribute gecos cn
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute uniqueMember member
nss_initgroups_ignoreusers root,ldap

pam_filter objectClass=posixAccount
pam_login_attribute uid
pam_lookup_policy no


