Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 31 Oct 2009 14:10:05 +0700 (ICT)
From:      Olivier Nicole <Olivier.Nicole@cs.ait.ac.th>
To:        on@cs.ait.ac.th
Cc:        questions@freebsd.org
Subject:   Re: Strange behaviour of nss_ldap in 7.2
Message-ID:  <200910310710.n9V7A59X009388@banyan.cs.ait.ac.th>
In-Reply-To: <200910310649.n9V6nuX2009185@banyan.cs.ait.ac.th> (message from Olivier Nicole on Sat, 31 Oct 2009 13:49:56 %2B0700 (ICT))
References:  <200910310649.n9V6nuX2009185@banyan.cs.ait.ac.th>
next in thread | previous in thread | raw e-mail | index | archive | help 
Bad bad bad me.

> I am using nss_ldap without problem on a machine with FreeBSD 6.4
> amd64.
> 
> Now I wanted to make a similar configuration with a machine running
> FreeBSD 7.2 i386, but I have a problem:
> 
> - as root, getent passwd gives me the list of users in /etc/passwd and
>   in LDAP;
> 
> - as user. getent passwd only gives me list of users in /etc/passwd.

Sorry for the disturbance, it was a CA file that was not user readable.

Shame on me.

> 
> Example:
> 
>   samba<1001>: ls -l toto
>   -rw-r--r--  1 1001  30  0 Oct 31 13:21 toto
>   samba<1001>: sudo ls -l toto
>   Password: 
>   -rw-r--r--  1 on  staff  0 Oct 31 13:21 toto
>   
> The group ID and user ID are not resolved.
> 
> On the machine that is working:
> 
>   banyan<on>47: ls -l toto
>   -rw-r--r--  1 on  csimstaff  0 Oct 31 13:46 toto
>   banyan<on>48: sudo ls -l toto
>   Password: 
>   -rw-r--r--  1 on  csimstaff  0 Oct 31 13:46 toto
>  
> The user and grup ID are resolved.
> 
> Note that I can authenticate against LDAP without problem (sudo with
> pam_ldap works and ssh work).
> 
> I have copied nss_ldap.conf and nsswitch.conf from the 6.4 to the 7.2
> machine (with needed name changing).
> 
> Both LDAP servers are running almost the same thing, ACL are the same.
> 
> I have tried to remove the ACL on LDAP server without success.
> 
> I am stuck with a different behaviour between 6.4 and 7.2, any help
> will be greatly appreciated as I need to solve that problm urgently.
> 
> 
> TIA,
> 
> Olivier

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200910310710.n9V7A59X009388>