[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Sometimes getent missing users


I did use the ldapsearch and here is what I found out

ldapsearch "ldapserver" returned 1586 users
/etc/passwd has 38 users

passwd:     files ldap

So sometimes I assume getent returns files (38) + ldap (1586) = 1624

But mostly getent only returns 1038

Sizelimit on the ldap server is set to 5000

Can it be that sometimes only 1000 users gets returned from the getent ldap search? And if so, why?


On Tue, Oct 19, 2010 at 14:55, Prentice Bisbal <prentice@ias.edu> wrote:
Jocke M wrote:
> Hello,
> We are running an OpenLDAP server on RHEL4 and I just found out that
> running getent on the RHEL clients sometimes missed users against the
> OpenLDAP server.
> Example:
> getent passwd | wc -l
> 1038
> getent passwd | wc -l
> 1624
> Does anyone know what can be faulty, either on the clients or the server?
> --
> Thx
> Jocke

Did those results occur on the same client, or are those results from
two different clients?

If two different clients are returning different results, I'd compare
the /etc/ldap.conf and /etc/openldap/ldap.conf files first. It could be
that one has a different filter criteria than the other. Or, if you've
recently upgraded your LDAP servers, one client could still be point to
an old LDAP server that doesn't have new entries.

Try using the ldapsearch command with the same search criteria and see
if you get the same results. I would use the -h or -H switch to make
sure you are using the server you think you are using (change specifics

ldapsearch -LLL -h yourldapserver.example.com -b dc=example,dc=com
"objectClass=posixAccount" dn