[plug] Strange LDAP issues
simon
simon at plumtek.com
Tue May 31 11:53:29 WST 2005
Check your /etc/nsswitch.conf?
From mine:
passwd: files ldap
shadow: files ldap
group: files ldap
Just a word of advice - always have files first, and always have the root user
in passwd/shadow/group.... that way when ldap dies you can still log in as root
:)
Timothy White (weirdit at gmail.com) wrote:
>
> Ok, So it appears that I have some of the LDAP working now.
> I can login as a user in LDAP.
> The problem was here in the pam_ldap.conf file
> ---
> # The distinguished name to bind to the server with
> # if the effective user ID is root. Password is
> # stored in /etc/ldap.secret (mode 600)
> rootbinddn cn=admin,dc=white,dc=lan
> ---
> I needed to comment out the rootbinddn part.
>
> Ok, now I have a few more problems. Firstly groups.
> family is an LDAP group. dwhite and rwhite are ldap users, tim is a
> flat file user.
> $ getent group family
> family:x:10000:
> /home$ vdir
> ...
> drwxr-xr-x 2 dwhite 10000 4096 2005-05-31 10:17 dwhite
> drwxr-xr-x 15 rwhite 10000 4096 2005-05-30 20:19 rwhite
> drwxr-xr-x 31 tim tim 4096 2005-05-31 10:16 tim
> dwhite@camiroi:~$ groups
> id: cannot find name for group ID 10000
> 10000
> ---
> As you can see group names aren't being resolved even though nss sees
> it fine afaiks.
>
> Also I'd like a way to add ldap users to standard unix groups. For
> example tim is in 'dialout cdrom floppy audio dip video scanner' and
> I'd like all users to be in that group. Is there an easy way to do
> this without adding each user?
>
> Thanks
>
> Tim
--
=================
Simon Scott
simon at plumtek.com
mob: 0409113359
=================
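
The advice in this reply (local files ahead of ldap in nsswitch.conf, and a root entry kept in the local passwd/shadow/group), turned into a check. This is an added example, not part of the original post; the function names check_nss_order and check_local_root are hypothetical, and treating a missing database line as a failure is this example's own choice.

```shell
#!/bin/sh
# Usage (as root, so /etc/shadow is readable):
#   check_nss_order /etc/nsswitch.conf
#   check_local_root /etc/passwd /etc/shadow /etc/group

# check_nss_order FILE
# Fails if passwd, shadow or group lists "ldap" with no local source
# ("files" or "compat") ahead of it, or if one of the three lines is absent.
check_nss_order() {
    awk '
        { sub(/#.*/, ""); sub(/:/, " ") }        # drop comments, split "db:src"
        $1 ~ /^(passwd|shadow|group)$/ {
            seen[$1] = 1; f = 0; l = 0
            for (i = 2; i <= NF; i++) {
                if (($i == "files" || $i == "compat") && !f) f = i
                if ($i == "ldap" && !l) l = i
            }
            if (l && (!f || l < f)) {
                printf "FAIL: %s: ldap is consulted before local files\n", $1
                bad = 1
            } else {
                printf "ok:   %s\n", $1
            }
        }
        END {
            n = split("passwd shadow group", want, " ")
            for (i = 1; i <= n; i++)
                if (!seen[want[i]]) {
                    printf "FAIL: %s: no entry found\n", want[i]
                    bad = 1
                }
            exit bad + 0
        }' "$1"
}

# check_local_root FILE...
# Fails if any of the given flat files lacks a line starting with "root:".
check_local_root() {
    rc=0
    for f in "$@"; do
        if grep -q '^root:' "$f" 2>/dev/null; then
            echo "ok:   root present in $f"
        else
            echo "FAIL: root not found in $f (missing or unreadable)"
            rc=1
        fi
    done
    return $rc
}
```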