From: Joel Dahl
To: current@freebsd.org
Date: Thu, 17 May 2012 11:49:49 +0200
Subject: FreeBSD and LDAP users, bug or feature?
Message-ID: <20120517094949.GK6475@goofy01.vnodelab.local>

Hi,

I have a machine running FreeBSD and openldap24-server, and several client machines running FreeBSD and openldap24-client, and I'm experiencing a weird behaviour with adduser/pw.

I create my LDAP users on the LDAP server, with UIDs starting at 5001. Local users on the server and clients should start at UID 1001, but this does not really work. If I use adduser to create a new local user on one of the client machines, it'll automatically be assigned UID 5002 - which I find very confusing. This also breaks my LDAP setup, because when I add an LDAP user on the server, it'll also get UID 5002.

Running pw usernext on one of the client machines confirms this behaviour:

  root@crashbox [~] pw usernext
  5002:5002

But looking inside my /etc/passwd on the same machine reveals that the next free UID should be 1002.

So pw is obviously getting information from LDAP and tries to be friendly and automatically gives me the next free UID from LDAP - which would make sense if pw could create LDAP users in addition to local users, but it can't. So right now I'm forced to check /etc/passwd on my machines each time I add a new local user and manually use that UID whenever I run adduser or pw. It works, but it's easy to shoot myself in the foot.

Is this intended behaviour, or a bug? Or perhaps a misconfiguration on my part?

I can provide configuration examples from my environment, but there really isn't much to see - I haven't made many changes besides installing the required applications from ports (openldap, nss_ldap, pam_ldap), changing my nsswitch.conf and a couple of files in /etc/pam.d/.

-- 
Joel
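One way to sidestep the behaviour described in the mail, added here as an example and not part of Joel's message: pick the next free local UID by reading the passwd file directly, so the NSS lookup that pw usernext goes through (and which pulls in the LDAP entries) never enters into it. The range bounds (1001-5000 for local accounts, 5001 and up reserved for LDAP), the constructed sample passwd lines and the function name next_local_uid are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original mail): compute the next free *local*
# UID from a passwd(5)-format file instead of asking pw(8), whose getpwent(3)
# lookup also walks the LDAP source configured in nsswitch.conf.
# Assumed layout, taken from the mail: local UIDs 1001-5000, LDAP UIDs 5001+.

# next_local_uid PASSWD_FILE MIN MAX
#   Prints the lowest UID in [MIN, MAX] that no entry in PASSWD_FILE uses.
#   Exits 1 (prints nothing) if every UID in the range is taken.
next_local_uid() {
    awk -F: -v min="$2" -v max="$3" '
        # Skip comment lines (FreeBSD ships "# $FreeBSD$") and anything that
        # is not a passwd entry; field 3 is the numeric UID.
        /^#/ || NF < 3 { next }
        $3 >= min && $3 <= max { used[$3] = 1 }
        END {
            for (uid = min; uid <= max; uid++)
                if (!(uid in used)) { print uid; exit 0 }
            exit 1
        }' "$1"
}

# Constructed sample /etc/passwd: local users at 1001 and 1003 (so 1002 is
# free) plus an entry in the LDAP range that must not influence the result.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
# $FreeBSD$
root:*:0:0:Charlie &:/root:/bin/csh
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
alice:*:1001:1001:Alice:/home/alice:/bin/sh
carol:*:1003:1003:Carol:/home/carol:/bin/sh
ldapuser:*:5002:5002:Synced from LDAP:/home/ldapuser:/bin/sh
EOF

uid=$(next_local_uid "$SAMPLE" 1001 5000)   # -> 1002
echo "next free local UID: $uid"
# On a real host you would pass the result to pw(8) explicitly, e.g.:
#   pw useradd "$name" -u "$(next_local_uid /etc/passwd 1001 5000)"
rm -f "$SAMPLE"
```

Because the function only reads the flat file it is immune to whatever nsswitch.conf says, but it also means the check and the pw useradd are two separate steps: run them together in the same script so nothing can allocate the UID in between, and point it at /etc/master.passwd (as root) if you want the authoritative local database rather than the generated /etc/passwd.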