Really strange LDAP and ADS problem: msg#00010 ldap.padl.nss
Hi together!

I have the following problem: I need a Linux server (Debian sarge) in a network managed by Active Directory (Windows Server 2003). I want to access the AD user database via LDAP (nsswitch.conf).

libnss-ldap and pam-ldap are installed and, IMHO, configured well.

My current problem is:

    # getent passwd

only shows users from /etc/passwd. But:

    # strace -v getent passwd

shows the AD users are read by getent, but not written to stdout:

    [...]
    read(4, "\2d\204\0\0\0m\4#CN=user1,CN=Users,DC="..., 116) = 116
    time([1141871063]) = 1141871063
    select(1024, [4], [], NULL, NULL) = 1 (in [4])
    read(4, "0\204\0\0\0z\2\1", 8) = 8
    read(4, "\2d\204\0\0\0q\4\'CN=user2,CN=Users"..., 120) = 120
    time([1141871063]) = 1141871063
    select(1024, [4], [], NULL, NULL) = 1 (in [4])
    read(4, "0\204\0\0\0~\2\1", 8) = 8
    read(4, "\2d\204\0\0\0u\4+CN=user3,CN=U"..., 124) = 124
    time([1141871063]) = 1141871063
    [...]

(I changed each real username to userx.)

Does anybody have an idea why there is no write command, like there should be? The local users are all written to stdout:

    [...]
    write(1, "root:x:0:0:root:/root:/bin/bash\n", 32) = 32
    write(1, "daemon:x:1:1:daemon:/usr/sbin:/b"..., 38) = 38
    write(1, "bin:x:2:2:bin:/bin:/bin/sh\n", 27) = 27
    write(1, "sys:x:3:3:sys:/dev:/bin/sh\n", 27) = 27
    [...]

I already removed nscd. It did not help :(

When I try to access the Linux machine with an AD account via ssh, I get the following message in auth.log:

    sshd[7249]: nss_ldap: could not search LDAP server - Bad search filter

And here are the files:

    # egrep -v '^(#|$)' /etc/libnss-ldap.conf
    @(#)$Id: ldap.conf,v 2.41 2005/03/23 08:30:16 lukeh Exp $
    host ipadress
    base dc=mydomain,dc=de
    ldap_version 3
    binddn CN=myuser,CN=Users,DC=mydomain,DC=de
    bindpw mypasswd
    port 389
    scope one
    nss_base_passwd CN=Users,DC=mydomain,DC=de
    nss_base_shadow CN=Users,DC=mydomain,DC=de
    nss_base_group CN=Group,DC=mydomain,DC=de
    nss_map_objectclass posixAccount user
    nss_map_objectclass shadowAccount user
    nss_map_attribute uid sAMAccountName #msSFUName
    nss_map_attribute homeDirectory msSFUHomeDirectory
    nss_map_objectclass posixGroup Group
    nss_map_attribute cn sAMAccountName #msSFUName
    nss_map_attribute uniqueMember member
    pam_filter objectclass=user
    pam_login_attribute sAMAccountName
    pam_password ad

    # egrep -v '^(#|$)' /etc/ldap/ldap.conf
    BASE dc=mydomain,dc=de
    URI ldap://host.mydomain.de

PS: I changed ipadress, mydomain, myuser, mypasswd (all these values are correct). The host is in /etc/hosts.

Thanks in advance

--
View this message in context: http://www.nabble.com/Really-strange-LDAP-and-ADS-problem-t1252871.html#a3320266
Sent from the NSS LDAP forum at Nabble.com.
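An added example, not part of the original post and not nss_ldap's own code: a small check over the attribute-mapping lines from the configuration above. For each attribute RFC 2307 requires on a posixAccount, it lists the directory attribute name a lookup would use. It assumes the rest of the line after the first argument is taken as the mapped name (a trailing "#..." is not treated as a comment); SAMPLE_CONF, parse_attribute_map and audit_passwd_map are names made up for this example.

```python
import re

# Constructed sample: the nss_map_attribute lines from the post's configuration.
SAMPLE_CONF = """\
nss_map_attribute uid sAMAccountName #msSFUName
nss_map_attribute homeDirectory msSFUHomeDirectory
nss_map_attribute cn sAMAccountName #msSFUName
nss_map_attribute uniqueMember member
"""

# Attributes RFC 2307 requires on a posixAccount entry.
POSIX_ACCOUNT_MUST = ("cn", "uid", "uidNumber", "gidNumber", "homeDirectory")

# RFC 4512 short attribute name: a letter followed by letters, digits, hyphens.
ATTR_NAME = re.compile(r"[A-Za-z][A-Za-z0-9-]*\Z")

def parse_attribute_map(conf_text):
    """Return {rfc2307_name: mapped_name} from nss_map_attribute lines.

    Assumption: everything after the first argument is the mapped name,
    so a trailing "#..." on the line is NOT stripped as a comment.
    """
    mapping = {}
    for line in conf_text.splitlines():
        parts = line.strip().split(None, 2)
        if len(parts) == 3 and parts[0] == "nss_map_attribute":
            mapping[parts[1]] = parts[2].strip()
    return mapping

def audit_passwd_map(conf_text):
    """Return (attribute, directory_name, status) for each required attribute."""
    mapping = parse_attribute_map(conf_text)
    report = []
    for attr in POSIX_ACCOUNT_MUST:
        target = mapping.get(attr, attr)
        if not ATTR_NAME.match(target):
            status = "invalid-name"  # not a legal attribute name in an LDAP filter
        elif attr in mapping:
            status = "mapped"
        else:
            status = "unmapped"      # looked up under its RFC 2307 name
        report.append((attr, target, status))
    return report

if __name__ == "__main__":
    for attr, target, status in audit_passwd_map(SAMPLE_CONF):
        print(f"{attr:14} -> {target!r:30} {status}")
```
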