[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: getent passwd only catch local user passwd

To: Yingbo Li <YLi28@ra.rockwell.com>
Subject: Re: getent passwd only catch local user passwd
From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
Date: Thu, 30 Apr 2015 12:56:27 +0100
Cc: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Content-disposition: inline
In-reply-to: <BN3PR0801MB109215F5EB8799F077B00C5EF9D60@BN3PR0801MB1092.namprd08.prod.outlook.com>
References: <BN3PR0801MB1092854E576E5E8E857DDF9FF9E80@BN3PR0801MB1092.namprd08.prod.outlook.com> <20150429093910.GF4937@slab.skills-1st.co.uk> <BN3PR0801MB109215F5EB8799F077B00C5EF9D60@BN3PR0801MB1092.namprd08.prod.outlook.com>
User-agent: Mutt/1.5.21 (2010-09-15)

On Thu, Apr 30, 2015 at 01:06:54AM +0000, Yingbo Li wrote:

> If you find anything wrong, please let me know. I can only configure the client side, the LDAP server controlled by IT.

You need to find out what each component in the stack is doing.
If you have access to the LDAP server logs, try looking there to see what
operations are performed. If not, consider setting up your own LDAP server so that
you can run it at a high log-level.

Another way to check LDAP operations is to use tcpdump and/or wireshark
to capture and analyse network traffic. You will need to disable TLS for
that to be useful.

There is a fair amount of advice about debugging SSSD issues on the web,
e.g.:

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/SSSD-Troubleshooting.html
https://fedoraproject.org/wiki/How_to_debug_SSSD_problems

I would advise turning OFF nscd. It is not helpful when sssd is in use, and can
cause great confusion and problems of its own.

Andrew
-- 
-----------------------------------------------------------------------
|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |
-----------------------------------------------------------------------

Follow-Ups:
- Re: getent passwd only catch local user passwd
  - From: Jakub Hrozek <jakub.hrozek@posteo.se>
- RE: getent passwd only catch local user passwd
  - From: Yingbo Li <YLi28@ra.rockwell.com>

References:
- getent passwd only catch local user passwd
  - From: Yingbo Li <YLi28@ra.rockwell.com>
- Re: getent passwd only catch local user passwd
  - From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
- RE: getent passwd only catch local user passwd
  - From: Yingbo Li <YLi28@ra.rockwell.com>

Prev by Date: Re: Significance of name forms.
Next by Date: Re: Ldap challenge
Index(es):
- Chronological
- Thread