Package: libnss-ldap
Version: 238-1
Severity: important
We are using libnss-ldap for user synchronization between linux and Active
Directory. While searching for users within the whole domain
(dc=wiwi,dc=uni-karlsruhe .. ) Active Directory returns also a referral for
dc=dnsdomaintones,dc=wiwi .. and "getent passwd" returns only exactly 1000
users. if i restrict the search to ou=pools, dc=wiwi... "getent passwd" returns
8000 users. Scope for both queries is subtree. I compiled libnss-ldap with
debug information and set a breakpoint in do_bind. While running "getent
passwd" do_bind is invoked twice: once for dc=wiwi,dc=uni-karl... and once for
dc=dnsdomainzones,dc=wiwi,dc=uni... When i interrupt the second call long
enough (possibly creating a timeout) "getent passwd" returns all users, not
only the first 1000.
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.7
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages libnss-ldap depends on:
ii debconf 1.4.30.13 Debian configuration
management sy
ii libc6 2.3.2.ds1-22 GNU C Library: Shared
libraries an
ii libkrb53 1.3.6-2sarge2 MIT Kerberos runtime
libraries
ii libldap2 2.1.30-8 OpenLDAP libraries
-- debconf information excluded
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
