[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: OPENLDAP ACL problems..
Hi Adam,
Thanks a lot for replying. I am sorry I completely missed out the
nsswitch.conf part. The passwd and group entries look like:
passwd: files ldap
group: files ldap
shadow: files ldap
In fact, without the passwd entries setup correctly the login itself
would not have succeeded.
Regards.
--ajit
On Mon, 5 Aug 2002, Adam Williams wrote:
> >I am sorry if this topic is off target in this august group. I am posting
> >this here because I could not get the answers in the archives and I did
> >not get any help in pam_ldap group also.
> >What I am after:
> > I am trying to replace NIS with LDAP.
> > Environment:
> > RedHat 7.2, openldap-2.0.11
> > Problem:
> > I have setup PAM entries correctly so that I am able to log into
> > the system via ssh. Changing passwd (I saw many postings related
> > to this but it was not an issue for me) also works fine.
> >
> > The problem I face is that the system cannot map my uid and gid
> > to proper string values. Just after I login I get the message
> > id: cannot find name for user ID 50000
> > The value 50000 happens to be my userid defined in the LDAP
> > database.
> > Some Observations:
> > When I execute "getent passwd" as a normal user I dont succeed
> > but when root does the same, the LDAP users are shown properly.
> > My guess is that this is a problem in access control definitions.
> > I am enclosing /etc/openldap/slapd.conf and /etc/ldap.conf files
> > below.
>
> Sounds like an nss problem, no a pam one (as you did manage to sign
> in). What do the user and group lines of /etc/nsswitch.conf look like?
>
>
>
--
|-----------------------------------------------------------------|
| Ajit K. Jena Phone : (Office) +91-22-5767751 |
| Computer Centre +91-22-5722545 x8750 |
| Indian Institute of Technology (Home) +91-22-5722545 x8068 |
| POWAI, Bombay Fax : +91-22-5723894 |
| PIN 400076, India Email : ajit@cc.iitb.ac.in |
|-----------------------------------------------------------------|