On Dec 01, 2010, at 16.37, Anton Chu wrote:
> I've set up an Ubuntu 10.10 LDAP Client to authenticate off my LDAP server.
> I've installed the following:
>
> sudo apt-get install libpam-ldap libnss-ldap nss-updatedb libnss-db
> nscd ldap-utils pam_ccreds
>
> Here's my /etc/nsswitch.conf:
>
> passwd: files ldap [NOTFOUND=return] db
>>
>> group: files ldap [NOTFOUND=return] db
>>
>> shadow: files ldap
>>
>> hosts: files dns
>> networks: files
>>
>> protocols: db files
>> services: db files
>> ethers: db files
>> rpc: db files
>>
>
> I can nss_updatedb ldap successfully:
> # nss_updatedb ldap
> passwd... done.
> group... done.
>
> I can getent passwd, getent passwd shadow, getent group just fine and
> they all show all my ldap users.
>
> However, I cannot do an id ldapuser
>
> ex:
> $ id tony
> id: tony: No such user

my recommendation would be to move away from libnss-ldap and libpam-ldap, and to use nss-pam-ldapd, available in ubuntu via the libnss-ldapd, libpam-ldapd and nslcd packages. it may not explicitly solve your problem, but it will likely make troubleshooting things easier.

also, until you have a functioning, proper setup, remove things like nss-updatedb, libnss-db and nscd. once things are working, if you feel some degree of caching is needed, address that as an independent item.

-ben
