Re: Sometimes getent missing users
- To: Prentice Bisbal <firstname.lastname@example.org>
- Subject: Re: Sometimes getent missing users
- From: Jocke M <email@example.com>
- Date: Wed, 20 Oct 2010 08:33:32 +0200
- Cc: firstname.lastname@example.org
- In-reply-to: <4CBD9541.email@example.com>
- References: <AANLkTimTNEhLCCvkA3O7Dx9YB72CPqe=vJrOrEGOAGtC@mail.gmail.com> <4CBD9541.firstname.lastname@example.org>
I did use the ldapsearch and here is what I found out:
ldapsearch "ldapserver" returned 1586 users
/etc/passwd has 38 users
passwd: files ldap
So sometimes I assume getent returns files (38) + ldap (1586) = 1624
But mostly getent only returns 1038
Sizelimit on the ldap server is set to 5000
Can it be that sometimes only 1000 users get returned from the getent ldap search? And if so, why?
On Tue, Oct 19, 2010 at 14:55, Prentice Bisbal <email@example.com> wrote:
Jocke M wrote:
> We are running an OpenLDAP server on RHEL4 and I just found out that
> running getent on the RHEL clients sometimes missed users against the
> OpenLDAP server.
> getent passwd | wc -l
> getent passwd | wc -l
> Does anyone know what can be faulty, either on the clients or the server?
Did those results occur on the same client, or are those results from
two different clients?
If two different clients are returning different results, I'd compare
the /etc/ldap.conf and /etc/openldap/ldap.conf files first. It could be
that one has a different filter criteria than the other. Or, if you've
recently upgraded your LDAP servers, one client could still be pointing to
an old LDAP server that doesn't have new entries.
Try using the ldapsearch command with the same search criteria and see
if you get the same results. I would use the -h or -H switch to make
sure you are using the server you think you are using (change specifics
ldapsearch -LLL -h yourldapserver.example.com -b dc=example,dc=com
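
Added example, not part of the thread: instead of comparing only `wc -l` totals, this script lists which accounts a saved `getent passwd` capture is missing, given `/etc/passwd` and saved `ldapsearch -LLL` output that includes the `uid` attribute. The file names, function names and sample accounts are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): find which accounts a getent run missed.

# Login names from a passwd-format file (/etc/passwd or saved getent output).
passwd_names() {
    awk -F: 'NF >= 7 && $1 !~ /^[#+-]/ { print $1 }' "$1" | LC_ALL=C sort -u
}

# uid values from saved `ldapsearch -LLL` output (plain, non-base64 values only).
ldif_uids() {
    awk '$1 == "uid:" { print $2 }' "$1" | LC_ALL=C sort -u
}

# missing_users PASSWD LDIF GETENT: names that "passwd: files ldap" should
# yield but the saved getent output lacks, one per line.
missing_users() {
    mu_tmp=$(mktemp -d) || return 1
    { passwd_names "$1"; ldif_uids "$2"; } | LC_ALL=C sort -u > "$mu_tmp/expected"
    passwd_names "$3" > "$mu_tmp/seen"
    LC_ALL=C comm -23 "$mu_tmp/expected" "$mu_tmp/seen"
    rm -rf "$mu_tmp"
}

# Constructed sample: 2 local accounts, 4 directory accounts, and a getent
# capture in which the last 2 directory accounts are absent.
make_sample() {
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'daemon:x:2:2:daemon:/sbin:/sbin/nologin' > "$1/passwd"
    for u in alice bob carol dave; do
        printf 'dn: uid=%s,ou=People,dc=example,dc=com\nuid: %s\n\n' "$u" "$u"
    done > "$1/users.ldif"
    { cat "$1/passwd"
      printf '%s\n' 'alice:x:1001:100:Alice:/home/alice:/bin/bash' \
          'bob:x:1002:100:Bob:/home/bob:/bin/bash'; } > "$1/getent.out"
}

demo_dir=$(mktemp -d)
make_sample "$demo_dir"
echo "missing from getent capture:"
missing_users "$demo_dir/passwd" "$demo_dir/users.ldif" "$demo_dir/getent.out"
rm -rf "$demo_dir"
```

Running it against captures from a complete run and a short run on the same client shows whether the same accounts drop out each time or the cut-off point moves.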