[Date Prev][Date Next] [Chronological] [Thread] [Top]
Re: Problem with getent passwd

To: Lynn York <lynn.york@mavenwire.com>
Subject: Re: Problem with getent passwd
From: Tyler Gates <tgates81@gmail.com>
Date: Sat, 27 Mar 2010 07:16:38 -0400
Cc: Benjamin Griese <der.darude@gmail.com>, openldap-technical@openldap.org
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :x-enigmail-version:content-type:content-transfer-encoding; bh=hxhgwX/wn2AHc+JEUoN5vtsWyPIJyVFzs0AqqzQ6qi4=; b=nsi2vHvJbDhZmc7m2G3MozuWXiSbNrDwzp4UiWxwdIzGA8nsUVL1/rCBiTsVIgrLW9 kAXVzeTMDpFDVP8BRwqHJ7ch2eTtpjBukcMZ1Vo7qcdRxAW4pRpk7umbz4Hcm06qTYIc u5g+NgebUOi1NTZcNjpl9+AE+kKZrVmBF26uk=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:x-enigmail-version:content-type :content-transfer-encoding; b=GcEahdX4BWU0IMwIc7t5RVXlSS1spFg8qJInNF3LYfMLQcYsffnv/IwPuugR3ni4k/ 0FN0d+QW9NOWAR/2bEZchGbbN7yIGbvXG79X18P767Hz5ml5jI/oTAhhuUxCymoWz04G oOGHG5k6B41ZnmgLbaDEk2IcQDY+bXzRRfoNc=
In-reply-to: <-7662161074877908702@unknownmsgid>
References: <1ed94ea4fd9f95ea0afe20e9156e73b5@mail.gmail.com> <C6D73D4B-7E66-4691-8770-0F1E61B7F13C@gmail.com> <adc36d9e994c203d94b2b333513ba920@mail.gmail.com> <4BAABCED.7020601@gmail.com> <7807205269848089649@unknownmsgid> <df8660ef1003250856y20467157nceec8b302f9b4be0@mail.gmail.com> <-1073482195711626889@unknownmsgid> <4BABDAEF.5060509@gmail.com> <-7662161074877908702@unknownmsgid>
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.8) Gecko/20100313 Thunderbird/3.0.3
I'm thinking your rwm-map attributes is possibly messing this up. You have:

rwm-map objectclass posixAccount organizationalPerson
rwm-map attribute uid sAMAccountname
rwm-map attribute uidNumber uidNumber
rwm-map attribute gidNumber gidNumber
rwm-map attribute givenName cn
rwm-map attribute unixHomeDirectory homeDirectory
rwm-map attribute unixUserPassword UserPassword

So for example you saMAccountname is really pointing at uid? Or vise versa? I'm really not that familiar with those mappings but I suspect it has something to do with your problems. I'm thinking maybe your syntax for it isn't right or you don't have all your attributes mapped that it is looking for:

posixAccount
uid
userPassword
uidNumber
gidNumber
cn
homeDirectory
loginShell
gecos


Could you provide us an ldif on the offending query?


On 03/26/2010 11:25 AM, Lynn York wrote:
> I changed my logging to "-1", below is a log from running "id lynntest"
>
> Mar 26 11:10:41 hltraindb01 slapd[16115]: daemon: activity on 1 descriptor
>
> Mar 26 11:10:41 hltraindb01 slapd[16115]: daemon: activity on:
> Mar 26 11:10:41 hltraindb01 slapd[16115]:
> Mar 26 11:10:41 hltraindb01 slapd[16115]: >>> slap_listener(ldap:///)
> Mar 26 11:10:41 hltraindb01 slapd[16115]: daemon: listen=8, new connection
> on 14
> Mar 26 11:10:41 hltraindb01 slapd[16115]: daemon: added 14r (active)
> listener=(nil)
> Mar 26 11:10:41 hltraindb01 slapd[16115]: conn=2 fd=14 ACCEPT from
> IP=10.203.2.50:13493 (IP=0.0.0.0:389)
> Mar 26 11:10:41 hltraindb01 slapd[16115]: daemon: epoll: listen=7
> active_threads=0 tvp=NULL
> Mar 26 11:10:41 hltraindb01 slapd[16115]: daemon: epoll: listen=8
> active_threads=0 tvp=NULL
> Mar 26 11:10:41 hltraindb01 slapd[16115]: daemon: activity on 1 descriptor
>
> Mar 26 11:10:41 hltraindb01 slapd[16115]: daemon: activity on:
> Mar 26 11:10:41 hltraindb01 slapd[16115]:  14r
> Mar 26 11:10:41 hltraindb01 slapd[16115]:
> Mar 26 11:10:41 hltraindb01 slapd[16115]: daemon: read active on 14
> Mar 26 11:10:41 hltraindb01 slapd[16115]: connection_get(14)
> Mar 26 11:10:41 hltraindb01 slapd[16115]: connection_get(14): got connid=2
>
> Mar 26 11:10:41 hltraindb01 slapd[16115]: connection_read(14): checking
> for input on id=2
> Mar 26 11:10:41 hltraindb01 slapd[16115]: daemon: epoll: listen=7
> active_threads=0 tvp=NULL
> Mar 26 11:10:41 hltraindb01 slapd[16115]: do_bind
> Mar 26 11:10:41 hltraindb01 slapd[16115]: >>> dnPrettyNormal:
> <cn=mwldap,cn=users,dc=ldaptest,dc=com>
> Mar 26 11:10:41 hltraindb01 slapd[16115]: <<< dnPrettyNormal:
> <cn=mwldap,cn=users,dc=ldaptest,dc=com>,
> <cn=mwldap,cn=users,dc=ldaptest,dc=com>
> Mar 26 11:10:41 hltraindb01 slapd[16115]: do_bind: version=3
> dn="cn=mwldap,cn=users,dc=ldaptest,dc=com" method=128
> Mar 26 11:10:41 hltraindb01 slapd[16115]: conn=2 op=0 BIND
> dn="cn=mwldap,cn=users,dc=ldaptest,dc=com" method=128
> Mar 26 11:10:41 hltraindb01 slapd[16115]: [rw] bindDN:
> "cn=mwldap,cn=users,dc=ldaptest,dc=com" ->
> "cn=mwldap,cn=users,dc=ldaptest,dc=com"
> Mar 26 11:10:41 hltraindb01 slapd[16115]: daemon: epoll: listen=8
> active_threads=0 tvp=NULL
> Mar 26 11:10:44 hltraindb01 slapd[16115]: conn=2 op=0 BIND
> dn="cn=mwldap,cn=users,dc=ldaptest,dc=com" mech=SIMPLE ssf=0
> Mar 26 11:10:44 hltraindb01 slapd[16115]: do_bind: v3 bind:
> "cn=mwldap,cn=users,dc=ldaptest,dc=com" to
> "cn=mwldap,cn=users,dc=ldaptest,dc=com"
> Mar 26 11:10:44 hltraindb01 slapd[16115]: send_ldap_result: conn=2 op=0
> p=3
> Mar 26 11:10:44 hltraindb01 slapd[16115]: send_ldap_result: err=0
> matched="" text=""
> Mar 26 11:10:44 hltraindb01 slapd[16115]: send_ldap_response: msgid=1
> tag=97 err=0
> Mar 26 11:10:44 hltraindb01 slapd[16115]: conn=2 op=0 RESULT tag=97 err=0
> text=
> Mar 26 11:10:44 hltraindb01 slapd[16115]: daemon: activity on 1 descriptor
>
> Mar 26 11:10:44 hltraindb01 slapd[16115]: daemon: activity on:
> Mar 26 11:10:44 hltraindb01 slapd[16115]:  14r
> Mar 26 11:10:44 hltraindb01 slapd[16115]:
> Mar 26 11:10:44 hltraindb01 slapd[16115]: daemon: read active on 14
> Mar 26 11:10:44 hltraindb01 slapd[16115]: connection_get(14)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: connection_get(14): got connid=2
>
> Mar 26 11:10:44 hltraindb01 slapd[16115]: connection_read(14): checking
> for input on id=2
> Mar 26 11:10:44 hltraindb01 slapd[16115]: do_search
> Mar 26 11:10:44 hltraindb01 slapd[16115]: >>> dnPrettyNormal:
> <cn=users,dc=ldaptest,dc=com>
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <<< dnPrettyNormal:
> <cn=users,dc=ldaptest,dc=com>, <cn=users,dc=ldaptest,dc=com>
> Mar 26 11:10:44 hltraindb01 slapd[16115]: daemon: epoll: listen=7
> active_threads=0 tvp=NULL
> Mar 26 11:10:44 hltraindb01 slapd[16115]: daemon: epoll: listen=8
> active_threads=0 tvp=NULL
> Mar 26 11:10:44 hltraindb01 slapd[16115]: SRCH
> "cn=users,dc=ldaptest,dc=com" 2 0
> Mar 26 11:10:44 hltraindb01 slapd[16115]:     1 120 0
> Mar 26 11:10:44 hltraindb01 slapd[16115]: begin get_filter
> Mar 26 11:10:44 hltraindb01 slapd[16115]: AND
> Mar 26 11:10:44 hltraindb01 slapd[16115]: begin get_filter_list
> Mar 26 11:10:44 hltraindb01 slapd[16115]: begin get_filter
> Mar 26 11:10:44 hltraindb01 slapd[16115]: EQUALITY
> Mar 26 11:10:44 hltraindb01 slapd[16115]: end get_filter 0
> Mar 26 11:10:44 hltraindb01 slapd[16115]: begin get_filter
> Mar 26 11:10:44 hltraindb01 slapd[16115]: EQUALITY
> Mar 26 11:10:44 hltraindb01 slapd[16115]: end get_filter 0
> Mar 26 11:10:44 hltraindb01 slapd[16115]: end get_filter_list
> Mar 26 11:10:44 hltraindb01 slapd[16115]: end get_filter 0
> Mar 26 11:10:44 hltraindb01 slapd[16115]:     filter:
> (&(objectClass=posixAccount)(uid=lynntest))
> Mar 26 11:10:44 hltraindb01 slapd[16115]:     attrs:
> Mar 26 11:10:44 hltraindb01 slapd[16115]:  uid
> Mar 26 11:10:44 hltraindb01 slapd[16115]:  userPassword
> Mar 26 11:10:44 hltraindb01 slapd[16115]:  uidNumber
> Mar 26 11:10:44 hltraindb01 slapd[16115]:  gidNumber
> Mar 26 11:10:44 hltraindb01 slapd[16115]:  cn
> Mar 26 11:10:44 hltraindb01 slapd[16115]:  homeDirectory
> Mar 26 11:10:44 hltraindb01 slapd[16115]:  loginShell
> Mar 26 11:10:44 hltraindb01 slapd[16115]:  gecos
> Mar 26 11:10:44 hltraindb01 slapd[16115]:  description
> Mar 26 11:10:44 hltraindb01 slapd[16115]:  objectClass
> Mar 26 11:10:44 hltraindb01 slapd[16115]:
> Mar 26 11:10:44 hltraindb01 slapd[16115]: conn=2 op=1 SRCH
> base="cn=users,dc=ldaptest,dc=com" scope=2 deref=0
> filter="(&(objectClass=posixAccount)(uid=lynntest))"
> Mar 26 11:10:44 hltraindb01 slapd[16115]: conn=2 op=1 SRCH attr=uid
> userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
> description objectClass
> Mar 26 11:10:44 hltraindb01 slapd[16115]: ==> limits_get: conn=2 op=1
> dn="cn=mwldap,cn=users,dc=ldaptest,dc=com"
> Mar 26 11:10:44 hltraindb01 slapd[16115]: [rw] searchDN:
> "cn=users,dc=ldaptest,dc=com" -> "cn=users,dc=ldaptest,dc=com"
> Mar 26 11:10:44 hltraindb01 slapd[16115]: str2filter
> "(&(objectClass=organizationalPerson)(uid=lynntest))"
> Mar 26 11:10:44 hltraindb01 slapd[16115]: begin get_filter
> Mar 26 11:10:44 hltraindb01 slapd[16115]: AND
> Mar 26 11:10:44 hltraindb01 slapd[16115]: begin get_filter_list
> Mar 26 11:10:44 hltraindb01 slapd[16115]: begin get_filter
> Mar 26 11:10:44 hltraindb01 slapd[16115]: EQUALITY
> Mar 26 11:10:44 hltraindb01 slapd[16115]: end get_filter 0
> Mar 26 11:10:44 hltraindb01 slapd[16115]: begin get_filter
> Mar 26 11:10:44 hltraindb01 slapd[16115]: EQUALITY
> Mar 26 11:10:44 hltraindb01 slapd[16115]: end get_filter 0
> Mar 26 11:10:44 hltraindb01 slapd[16115]: end get_filter_list
> Mar 26 11:10:44 hltraindb01 slapd[16115]: end get_filter 0
> Mar 26 11:10:44 hltraindb01 slapd[16115]: >>> dnPrettyNormal: <CN=Lynn
> Testing,CN=Users,dc=ldaptest,DC=com>
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <<< dnPrettyNormal: <cn=Lynn
> Testing,cn=Users,dc=ldaptest,dc=com>, <cn=lynn
> testing,cn=users,dc=ldaptest,dc=com>
> Mar 26 11:10:44 hltraindb01 slapd[16115]: [rw] searchEntryDN: "cn=Lynn
> Testing,cn=Users,dc=ldaptest,dc=com" -> "cn=Lynn
> Testing,cn=Users,dc=ldaptest,dc=com"
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => send_search_entry: conn 2
> dn="cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com"
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => access_allowed: read access
> to "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "entry" requested
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => dn: [1] dc=ldaptest,dc=com
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_get: [1] matched
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_get: [1] attr entry
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_mask: access to entry
> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com", attr "entry" requested
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_mask: to all values by
> "cn=mwldap,cn=users,dc=ldaptest,dc=com", (=0)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= check a_dn_pat: users
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= acl_mask: [1] applying
> read(=rscxd) (stop)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= acl_mask: [1] mask:
> read(=rscxd)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => access_allowed: read access
> granted by read(=rscxd)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => access_allowed: read access
> to "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "objectClass" requested
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => dn: [1] dc=ldaptest,dc=com
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_get: [1] matched
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_get: [1] attr objectClass
>
> Mar 26 11:10:44 hltraindb01 slapd[16115]: access_allowed: no res from
> state (objectClass)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_mask: access to entry
> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com", attr "objectClass"
> requested
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_mask: to value by
> "cn=mwldap,cn=users,dc=ldaptest,dc=com", (=0)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= check a_dn_pat: users
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= acl_mask: [1] applying
> read(=rscxd) (stop)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= acl_mask: [1] mask:
> read(=rscxd)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => access_allowed: read access
> granted by read(=rscxd)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => access_allowed: read access
> to "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "uidNumber" requested
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => dn: [1] dc=ldaptest,dc=com
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_get: [1] matched
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_get: [1] attr uidNumber
> Mar 26 11:10:44 hltraindb01 slapd[16115]: access_allowed: no res from
> state (uidNumber)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_mask: access to entry
> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com", attr "uidNumber" requested
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_mask: to value by
> "cn=mwldap,cn=users,dc=ldaptest,dc=com", (=0)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= check a_dn_pat: users
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= acl_mask: [1] applying
> read(=rscxd) (stop)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= acl_mask: [1] mask:
> read(=rscxd)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => access_allowed: read access
> granted by read(=rscxd)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => access_allowed: read access
> to "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "gidNumber" requested
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => dn: [1] dc=ldaptest,dc=com
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_get: [1] matched
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_get: [1] attr gidNumber
> Mar 26 11:10:44 hltraindb01 slapd[16115]: access_allowed: no res from
> state (gidNumber)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_mask: access to entry
> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com", attr "gidNumber" requested
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_mask: to value by
> "cn=mwldap,cn=users,dc=ldaptest,dc=com", (=0)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= check a_dn_pat: users
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= acl_mask: [1] applying
> read(=rscxd) (stop)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= acl_mask: [1] mask:
> read(=rscxd)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => access_allowed: read access
> granted by read(=rscxd)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => access_allowed: read access
> to "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "homeDirectory" requested
>
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => dn: [1] dc=ldaptest,dc=com
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_get: [1] matched
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_get: [1] attr
> homeDirectory
> Mar 26 11:10:44 hltraindb01 slapd[16115]: access_allowed: no res from
> state (homeDirectory)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_mask: access to entry
> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com", attr "homeDirectory"
> requested
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_mask: to value by
> "cn=mwldap,cn=users,dc=ldaptest,dc=com", (=0)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= check a_dn_pat: users
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= acl_mask: [1] applying
> read(=rscxd) (stop)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= acl_mask: [1] mask:
> read(=rscxd)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => access_allowed: read access
> granted by read(=rscxd)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => access_allowed: read access
> to "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "loginShell" requested
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => dn: [1] dc=ldaptest,dc=com
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_get: [1] matched
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_get: [1] attr loginShell
> Mar 26 11:10:44 hltraindb01 slapd[16115]: access_allowed: no res from
> state (loginShell)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_mask: access to entry
> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com", attr "loginShell" requested
>
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => acl_mask: to value by
> "cn=mwldap,cn=users,dc=ldaptest,dc=com", (=0)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= check a_dn_pat: users
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= acl_mask: [1] applying
> read(=rscxd) (stop)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= acl_mask: [1] mask:
> read(=rscxd)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: => access_allowed: read access
> granted by read(=rscxd)
> Mar 26 11:10:44 hltraindb01 slapd[16115]: conn=2 op=1 ENTRY dn="cn=lynn
> testing,cn=users,dc=ldaptest,dc=com"
> Mar 26 11:10:44 hltraindb01 slapd[16115]: <= send_search_entry: conn 2
> exit.
> Mar 26 11:10:44 hltraindb01 slapd[16115]: send_ldap_result: conn=2 op=1
> p=3
> Mar 26 11:10:44 hltraindb01 slapd[16115]: send_ldap_result: err=0
> matched="" text=""
> Mar 26 11:10:44 hltraindb01 slapd[16115]: send_ldap_response: msgid=2
> tag=101 err=0
> Mar 26 11:10:44 hltraindb01 slapd[16115]: conn=2 op=1 SEARCH RESULT
> tag=101 err=0 nentries=1 text=
>
>
> One thing I noticed... is below, maybe this is my problem? The filters are
> different?
>
> Mar 26 11:10:44 hltraindb01 slapd[16115]: conn=2 op=1 SRCH
> base="cn=users,dc=ldaptest,dc=com" scope=2 deref=0
> filter="(&(objectClass=posixAccount)(uid=lynntest))"
> Mar 26 11:10:44 hltraindb01 slapd[16115]: conn=2 op=1 SRCH attr=uid
> userPassword uidNumber gidNumber cn homeDirectory loginShell gecos
> description objectClass
> Mar 26 11:10:44 hltraindb01 slapd[16115]: ==> limits_get: conn=2 op=1
> dn="cn=mwldap,cn=users,dc=ldaptest,dc=com"
> Mar 26 11:10:44 hltraindb01 slapd[16115]: [rw] searchDN:
> "cn=users,dc=ldaptest,dc=com" -> "cn=users,dc=ldaptest,dc=com"
> Mar 26 11:10:44 hltraindb01 slapd[16115]: str2filter
> "(&(objectClass=organizationalPerson)(uid=lynntest))"
>
> -----Original Message-----
> From: Tyler Gates [mailto:tgates81@gmail.com]
> Sent: Thursday, March 25, 2010 5:52 PM
> To: Lynn York
> Cc: Benjamin Griese; openldap-technical@openldap.org
> Subject: Re: Problem with getent passwd
>
> Looks like you are only logging conn and acl. Try config and stats for
> more useful information about what exactly is being queried and returned.
>
>
> On 03/25/2010 01:29 PM, Lynn York wrote:
>   
>> Below is part of the log from slapd..
>>
>>
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: >>> dnPrettyNormal: <CN=Lynn
>> Testing,CN=Users,dc=ldaptest,DC=com>
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <<< dnPrettyNormal: <cn=Lynn
>> Testing,cn=Users,dc=ldaptest,dc=com>, <cn=lynn
>> testing,cn=users,dc=ldaptest,dc=com>
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: [rw] searchEntryDN: "cn=Lynn
>> Testing,cn=Users,dc=ldaptest,dc=com" -> "cn=Lynn
>> Testing,cn=Users,dc=ldaptest,dc=com"
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => send_search_entry: conn 3
>> dn="cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com"
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: read access
>>     
> to
>   
>> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "entry" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => dn: [1] dc=ldaptest,dc=com
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_get: [1] matched
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => test_filter
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]:     PRESENT
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: search
>>     
> access
>   
>> to "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "objectClass" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= test_filter 6
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_get: [1] attr entry
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_mask: access to entry
>> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com", attr "entry" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_mask: to all values by
>> "cn=mwldap,cn=users,dc=ldaptest,dc=com", (=0)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= check a_dn_pat: users
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= acl_mask: [1] applying
>> read(=rscxd) (stop)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= acl_mask: [1] mask:
>> read(=rscxd)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: read access
>> granted by read(=rscxd)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: read access
>>     
> to
>   
>> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "objectClass" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => dn: [1] dc=ldaptest,dc=com
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_get: [1] matched
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => test_filter
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]:     PRESENT
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: search
>>     
> access
>   
>> to "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "objectClass" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= test_filter 6
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_get: [1] attr
>>     
> objectClass
>   
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: access_allowed: no res from
>>     
> state
>   
>> (objectClass)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_mask: access to entry
>> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com", attr "objectClass"
>>     
> requested
>   
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_mask: to value by
>> "cn=mwldap,cn=users,dc=ldaptest,dc=com", (=0)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= check a_dn_pat: users
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= acl_mask: [1] applying
>> read(=rscxd) (stop)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= acl_mask: [1] mask:
>> read(=rscxd)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: read access
>> granted by read(=rscxd)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: read access
>>     
> to
>   
>> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "uid" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => dn: [1] dc=ldaptest,dc=com
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_get: [1] matched
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => test_filter
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]:     PRESENT
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: search
>>     
> access
>   
>> to "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "objectClass" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= test_filter 6
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_get: [1] attr uid
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: access_allowed: no res from
>>     
> state
>   
>> (uid)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_mask: access to entry
>> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com", attr "uid" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_mask: to value by
>> "cn=mwldap,cn=users,dc=ldaptest,dc=com", (=0)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= check a_dn_pat: users
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= acl_mask: [1] applying
>> read(=rscxd) (stop)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= acl_mask: [1] mask:
>> read(=rscxd)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: read access
>> granted by read(=rscxd)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: read access
>>     
> to
>   
>> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "uidNumber" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => dn: [1] dc=ldaptest,dc=com
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_get: [1] matched
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => test_filter
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]:     PRESENT
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: search
>>     
> access
>   
>> to "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "objectClass" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= test_filter 6
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_get: [1] attr uidNumber
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: access_allowed: no res from
>>     
> state
>   
>> (uidNumber)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_mask: access to entry
>> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com", attr "uidNumber"
>>     
> requested
>   
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_mask: to value by
>> "cn=mwldap,cn=users,dc=ldaptest,dc=com", (=0)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= check a_dn_pat: users
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= acl_mask: [1] applying
>> read(=rscxd) (stop)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= acl_mask: [1] mask:
>> read(=rscxd)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: read access
>> granted by read(=rscxd)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: read access
>>     
> to
>   
>> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "gidNumber" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => dn: [1] dc=ldaptest,dc=com
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_get: [1] matched
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => test_filter
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]:     PRESENT
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: search
>>     
> access
>   
>> to "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "objectClass" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= test_filter 6
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_get: [1] attr gidNumber
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: access_allowed: no res from
>>     
> state
>   
>> (gidNumber)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_mask: access to entry
>> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com", attr "gidNumber"
>>     
> requested
>   
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_mask: to value by
>> "cn=mwldap,cn=users,dc=ldaptest,dc=com", (=0)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= check a_dn_pat: users
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= acl_mask: [1] applying
>> read(=rscxd) (stop)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= acl_mask: [1] mask:
>> read(=rscxd)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: read access
>> granted by read(=rscxd)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: read access
>>     
> to
>   
>> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "loginShell" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => dn: [1] dc=ldaptest,dc=com
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_get: [1] matched
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => test_filter
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]:     PRESENT
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: search
>>     
> access
>   
>> to "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com" "objectClass" requested
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= test_filter 6
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_get: [1] attr
>>     
> loginShell
>   
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: access_allowed: no res from
>>     
> state
>   
>> (loginShell)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_mask: access to entry
>> "cn=Lynn Testing,cn=Users,dc=ldaptest,dc=com", attr "loginShell"
>>     
> requested
>   
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => acl_mask: to value by
>> "cn=mwldap,cn=users,dc=ldaptest,dc=com", (=0)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= check a_dn_pat: users
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= acl_mask: [1] applying
>> read(=rscxd) (stop)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= acl_mask: [1] mask:
>> read(=rscxd)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: => access_allowed: read access
>> granted by read(=rscxd)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: <= send_search_entry: conn 3
>>     
> exit.
>   
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: send_ldap_result: conn=3 op=1
>>     
> p=3
>   
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: send_ldap_result: err=0
>>     
> matched=""
>   
>> text=""
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: send_ldap_response: msgid=2
>> tag=101 err=0
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: conn=3 op=1 SEARCH RESULT
>>     
> tag=101
>   
>> err=0 nentries=127 text=
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: daemon: activity on 1
>>     
> descriptor
>   
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: daemon: activity on:
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]:  14r
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]:
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: daemon: read active on 14
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: connection_get(14)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: connection_get(14): got
>>     
> connid=3
>   
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: connection_read(14): checking
>>     
> for
>   
>> input on id=3
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: ber_get_next on fd 14 failed
>> errno=0 (Success)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: connection_read(14): input
>> error=-2 id=3, closing.
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: connection_closing: readying
>> conn=3 sd=14 for close
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: connection_close: conn=3 sd=-1
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: =>ldap_back_conn_destroy:
>>     
> fetching
>   
>> conn 3
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: daemon: removing 14
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: conn=3 fd=14 closed
>>     
> (connection
>   
>> lost)
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: daemon: epoll: listen=7
>> active_threads=0 tvp=NULL
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: daemon: epoll: listen=8
>> active_threads=0 tvp=NULL
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: daemon: activity on 1
>>     
> descriptor
>   
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: daemon: activity on:
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]:
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: daemon: epoll: listen=7
>> active_threads=0 tvp=NULL
>>
>> Mar 25 13:25:16 hltraindb01 slapd[28836]: daemon: epoll: listen=8
>> active_threads=0 tvp=NULL
>>
>>
>>
>> *From:* Benjamin Griese [mailto:der.darude@gmail.com]
>> *Sent:* Thursday, March 25, 2010 11:56 AM
>> *To:* Lynn York
>> *Cc:* Tyler Gates; openldap-technical@openldap.org
>> *Subject:* Re: Problem with getent passwd
>>
>>
>>
>> Hi,
>> could you please also provide the appropriate log entries that show the
>> query to the slapd from the client?
>>
>> thanks
>>
>> On Thu, Mar 25, 2010 at 13:52, Lynn York <lynn.york@mavenwire.com>
>>     
> wrote:
>   
>> I attempted to use "setup" to setup ldap auth.   That did not work.
>>     
> When
>   
>> I run "getent passwd" it prints all the local users, then hangs for
>>     
> about
>   
>> 5 seconds and doesn't print the ldap users.  However, it does query the
>> ldap server, I can see the queries in the ldap logs.  I have added
>>     
> copies
>   
>> of my configs with hopes someone can help me more :)
>>
>> /etc/ldap.conf
>> ----------------
>> base cn=users,dc=ldaptest,dc=com
>> uri ldap://ldaphost/
>> binddn cn=mwldap,cn=users,dc=ldaptest,dc=com
>> bindpw password
>> scope sub
>> timelimit 120
>> bind_policy soft
>> bind_timelimit 120
>> idle_timelimit 3600
>> ssl no
>> pam_password ad
>> # nss_ldap configurations
>> nss_base_passwd cn=users,dc=ldaptest,dc=com?sub
>> nss_base_shadow
>> cn=users,dc=ldaptest,dc=com?sub?&(objectCategory=users)(uidnumber=*)
>> nss_base_group
>> cn=users,dc=ldaptest,dc=com?sub?&(objectCategory=group)(gidnumber=*)
>> nss_map_attribute user SAMACCOUNTNAME
>> sasl_secprops maxssf=0
>> #tls_cacertdir /etc/openldap/cacerts
>>
>> Slapd.conf
>> ----------------
>> ######################################################
>> # database definitions
>> ######################################################
>> database ldap
>> suffix  "cn=users,dc=ldaptest,dc=com"
>> uri  "ldap://ads.ldaptest.com";
>> overlay rwm
>> rebind-as-user
>> chase-referrals no
>>
>> acl-bind
>>        bindmethod=simple
>>        binddn="cn=mwldap,cn=users,dc=ldaptest,dc=com"
>>        credentials=password
>>
>> # The database directory MUST exist prior to running slapd AND
>> # should only be accessible by the slapd and slap tools.
>> # Mode 700 recommended.
>> directory       /var/lib/ldap
>>
>> # Indices to maintain for this database
>> #index objectClass                       eq
>> #index ou,cn,mail,surname,givenname      eq,pres,sub
>> #index uidNumber,gidNumber,loginShell    eq,pres
>> #index uid,memberUid                     eq,pres,sub
>> #index nisMapName,nisMapEntry            eq,pres,sub
>>
>> rwm-map objectclass posixAccount organizationalPerson
>> rwm-map attribute uid sAMAccountname
>> rwm-map attribute uidNumber uidNumber
>> rwm-map attribute gidNumber gidNumber
>> rwm-map attribute givenName cn
>> rwm-map attribute unixHomeDirectory homeDirectory
>> rwm-map attribute unixUserPassword UserPassword
>>
>>
>>
>> Any help is greatly appreciated...
>>
>> -----Original Message-----
>> From: Tyler Gates [mailto:tgates81@gmail.com]
>>
>> Sent: Wednesday, March 24, 2010 9:31 PM
>> To: Lynn York; openldap-technical@openldap.org
>> Subject: Re: Problem with getent passwd
>>
>> Actually I misspoke earlier -I meant run the command 'setup' from the
>> terminal and select authentication. From there you should see "User
>> Information" and "Authentication" columns. Just check LDAP in "User
>> Information" and you should see getent populate the passwords.
>> That normally does the trick.. pretty simple but if that doesn't work
>> I'd check your /etc/ldap.conf is setup correctly (I mostly have to just
>> add the host information and base dn). Other wise your LDAP server
>> doesn't have the attributes its' expecting from its queries to generate
>> user account information.
>>
>> On 03/24/2010 08:09 AM, Lynn York wrote:
>>
>>     
>>> Here is my /etc/pam.d/system-auth file
>>>
>>>
>>>
>>> cat /etc/pam.d/system-auth
>>>
>>> #%PAM-1.0
>>>
>>> # This file is auto-generated.
>>>
>>> # User changes will be destroyed the next time authconfig is run.
>>>
>>> auth        required      pam_env.so
>>>
>>> auth        sufficient    pam_unix.so nullok try_first_pass
>>>
>>> auth        requisite     pam_succeed_if.so uid >= 500 quiet
>>>
>>> auth        sufficient    pam_ldap.so use_first_pass
>>>
>>> auth        required      pam_deny.so
>>>
>>>
>>>
>>> account     required      pam_unix.so broken_shadow
>>>
>>> account     sufficient    pam_succeed_if.so uid < 500 quiet
>>>
>>> account     [default=bad success=ok user_unknown=ignore] pam_ldap.so
>>>
>>> account     required      pam_permit.so
>>>
>>>
>>>
>>> password    requisite     pam_cracklib.so try_first_pass retry=3
>>>
>>> password    sufficient    pam_unix.so md5 shadow nullok try_first_pass
>>> use_authtok
>>>
>>> password    sufficient    pam_ldap.so use_authtok
>>>
>>> password    required      pam_deny.so
>>>
>>>
>>>
>>> session     optional      pam_keyinit.so revoke
>>>
>>> session     required      pam_limits.so
>>>
>>> session     [success=1 default=ignore] pam_succeed_if.so service in
>>>
>>>       
>> crond
>>
>>     
>>> quiet use_uid
>>>
>>> session     required      pam_unix.so
>>>
>>> session     optional      pam_ldap.so
>>>
>>>
>>>
>>>
>>>
>>> Also, when I ran authconfig, that didn't help.  The server still
>>>       
> queries
>   
>>>       
>> the
>>
>>     
>>> ldap server, but the users don't actually show when I run getent
>>>
>>>       
>> passwd...
>>
>>     
>>> could it be something with the rwm mappings?
>>>
>>>
>>>
>>> *From:* Tyler Gates [mailto:tgates81@gmail.com]
>>> *Sent:* Tuesday, March 23, 2010 8:26 PM
>>> *To:* Lynn York
>>> *Subject:* Re: Problem with getent passwd
>>>
>>>
>>>
>>> Sounds like it's a problem with your client side pam_ldap
>>>
>>>       
>> authentication.
>>
>>     
>>> There's a whole buch of steps to get that working, just google it. If
>>>
>>>       
>> you
>>
>>     
>>> have a redhat variant authconfig or setup will step you through it. It
>>>
>>>       
>> would
>>
>>     
>>> help if you could post your system_auth file.
>>>
>>> On Mar 23, 2010, at 11:40 AM, Lynn York <lynn.york@mavenwire.com>
>>>       
> wrote:
>   
>>>  Hello,
>>>
>>>
>>>
>>>                 When I issue "getent passwd" I can see it query the
>>>       
> ldap
>   
>>> server for all the information and the server is returning the correct
>>> information.  However, "getent passwd" doesn't actually show the users
>>>
>>>       
>> that
>>
>>     
>>> are in ldap.  I am not sure where my problem might be.  Can anyone
>>>       
> offer
>   
>>>       
>> any
>>
>>     
>>> suggestions on where to look?
>>>
>>>
>>>
>>> Lynn York II
>>>
>>> MavenWire Hosting Admin
>>>
>>> www.mavenwire.com
>>>
>>> (866) 343-4870 x717
>>>
>>>
>>>
>>> MavenWire - We DELIVER
>>>
>>> http://www.mavenwire.com
>>>
>>>
>>>
>>> This e-mail and any attached files may contain confidential and/or
>>> privileged material for the sole use of the intended recipient.  Any
>>>
>>>       
>> review,
>>
>>     
>>> use, distribution or disclosure by others is strictly prohibited. If
>>>       
> you
>   
>>>       
>> are
>>
>>     
>>> not the intended recipient (or authorized to receive this e-mail for
>>>       
> the
>   
>>> recipient), you may not review, copy or distribute this message.
>>>       
> Please
>   
>>> contact the sender by reply e-mail and delete all copies of this
>>>
>>>       
>> message.
>>
>>     
>>>
>>> MavenWire - We DELIVER
>>>
>>> http://www.mavenwire.com
>>>
>>>
>>>
>>> This e-mail and any attached files may contain confidential and/or
>>> privileged material for the sole use of the intended recipient.  Any
>>> review, use, distribution or disclosure by others is strictly
>>> prohibited. If you are not the intended recipient (or authorized to
>>> receive this e-mail for the recipient), you may not review, copy or
>>> distribute this message.  Please contact the sender by reply e-mail
>>> and delete all copies of this message.
>>>
>>> MavenWire - We DELIVER
>>> http://www.mavenwire.com
>>>
>>> This e-mail and any attached files may contain confidential and/or
>>>
>>>       
>> privileged material for the sole use of the intended recipient.  Any
>> review, use, distribution or disclosure by others is strictly
>>     
> prohibited.
>   
>> If you are not the intended recipient (or authorized to receive this
>> e-mail for the recipient), you may not review, copy or distribute this
>> message.  Please contact the sender by reply e-mail and delete all
>>     
> copies
>   
>> of this message.
>>
>>     
>>>
>>>       
>> MavenWire - We DELIVER
>> http://www.mavenwire.com
>>
>> This e-mail and any attached files may contain confidential and/or
>> privileged material for the sole use of the intended recipient.  Any
>>     
> review,
>   
>> use, distribution or disclosure by others is strictly prohibited. If you
>>     
> are
>   
>> not the intended recipient (or authorized to receive this e-mail for the
>> recipient), you may not review, copy or distribute this message.  Please
>> contact the sender by reply e-mail and delete all copies of this
>>     
> message.
>   
>>
>>
>>
>>
>>     
> MavenWire - We DELIVER
> http://www.mavenwire.com
>
> This e-mail and any attached files may contain confidential and/or privileged material for the sole use of the intended recipient.  Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive this e-mail for the recipient), you may not review, copy or distribute this message.  Please contact the sender by reply e-mail and delete all copies of this message.
>
>
References:
- Problem with getent passwd
  - From: Lynn York <lynn.york@mavenwire.com>
- Re: Problem with getent passwd
  - From: Tyler Gates <tgates81@gmail.com>
- RE: Problem with getent passwd
  - From: Lynn York <lynn.york@mavenwire.com>
- Re: Problem with getent passwd
  - From: Benjamin Griese <der.darude@gmail.com>
- RE: Problem with getent passwd
  - From: Lynn York <lynn.york@mavenwire.com>
- Re: Problem with getent passwd
  - From: Tyler Gates <tgates81@gmail.com>
- RE: Problem with getent passwd
  - From: Lynn York <lynn.york@mavenwire.com>
Prev by Date: Re: Problems using OpenLDAP with Active Directory
Next by Date: ldap
Index(es):
- Chronological
- Thread