On 11-12-28 6:49 PM, 杨峰 wrote:
> It's a strange problem, I settle down LDAP setting and can get correct
> ldapsearch result at the mgmt node, but when I use "su" to the user,
> the system prompt "the user is not existed".
>
> It seems the LDAP service ( slapd ) is running and the user
> authentication goes through /etc/passwd still. How to move the user
> authentication to LDAP only?
>
> I had changed /etc/nsswitch.conf to use ldap also.
>
> [root@xcat user]# ldapsearch -x -v -D "cn=root,dc=isilon,dc=cn" -W -b
> "ou=People,dc=isilon,dc=cn" "uid=demo"
> ldap_initialize( <DEFAULT> )
> Enter LDAP Password:
> filter: uid=demo
> requesting: All userApplication attributes
> # extended LDIF
> #
> # LDAPv3
> # base <ou=People,dc=isilon,dc=cn> with scope subtree
> # filter: uid=demo
> # requesting: ALL
> #
>
> # demo, People, isilon.cn
> dn: uid=demo,ou=People,dc=isilon,dc=cn
> uid: demo
> cn: demo
> sn: demo
> mail: [email protected]
> objectClass: person
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: top
> objectClass: shadowAccount
> userPassword::
> e2NyeXB0fSQ2JHkuMjUwS3hlJE9VZ3BidXJDdlg0UFk2NVFSSXBKNjhtNnpxYVp
> OVHdZYnBpZkdJVUJuQk1ZZnlVdmtEMHNwMTZLUmtaQmhoT0xrQ1NZdEhUU2NEUDRhTmhGUnJNSWIv
> shadowLastChange: 15334
> shadowMax: 99999
> shadowWarning: 7
> loginShell: /bin/bash
> uidNumber: 501
> gidNumber: 500
> homeDirectory: /ifs/home/demo
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>
> [root@xcat user]# su - demo
> su: user demo is not existed

Have you configured /etc/ldap.conf for your LDAP structure?
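
An added example, not part of the original thread: ldapsearch talks to the directory directly, while su resolves the account through NSS, so the two can disagree when /etc/nsswitch.conf or /etc/ldap.conf is incomplete. This sketch checks both files against the user's DN; the function names and demo file contents are constructed, and it assumes the nss_ldap-style `base`, `uri` and `host` keys.

```shell
# Added example; function names and sample file contents are constructed.
# nss_uses_ldap FILE DB: succeed if database DB in an nsswitch.conf-style FILE lists "ldap".
nss_uses_ldap() {
    awk -v db="$2:" '{ sub(/#.*/, "") }
        $1 == db { for (i = 2; i <= NF; i++) if ($i == "ldap") found = 1 }
        END { exit !found }' "$1"
}

# ldap_conf_get FILE KEY: print the value of KEY (given in lowercase) from an ldap.conf-style FILE.
ldap_conf_get() {
    awk -v key="$2" '/^[ \t]*#/ { next }
        tolower($1) == key { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# dn_under_base DN BASE: succeed if DN equals BASE or sits below it (case-insensitive).
dn_under_base() {
    dn=$(printf '%s' "$1" | tr 'A-Z' 'a-z' | sed 's/, */,/g')
    base=$(printf '%s' "$2" | tr 'A-Z' 'a-z' | sed 's/, */,/g')
    case "$dn" in
        "$base"|*",$base") return 0 ;;
        *) return 1 ;;
    esac
}

# check_nss_ldap NSSWITCH LDAPCONF USER_DN: print each mismatch, return 1 if any was found.
check_nss_ldap() {
    rc=0
    for db in passwd shadow group; do
        nss_uses_ldap "$1" "$db" || { echo "nsswitch: $db does not list ldap"; rc=1; }
    done
    conf_base=$(ldap_conf_get "$2" base)
    if [ -z "$conf_base" ]; then
        echo "ldap.conf: no base set"; rc=1
    elif ! dn_under_base "$3" "$conf_base"; then
        echo "ldap.conf: base $conf_base does not contain $3"; rc=1
    fi
    [ -n "$(ldap_conf_get "$2" uri)$(ldap_conf_get "$2" host)" ] ||
        { echo "ldap.conf: neither uri nor host set"; rc=1; }
    return "$rc"
}

# Demo on constructed files: nsswitch lists ldap, but ldap.conf points at another base.
demo() {
    d=$(mktemp -d)
    printf 'passwd: files ldap\nshadow: files ldap\ngroup: files ldap\n' > "$d/nss"
    printf 'uri ldap://127.0.0.1/\nbase dc=example,dc=com\n' > "$d/ldap"
    check_nss_ldap "$d/nss" "$d/ldap" "uid=demo,ou=People,dc=isilon,dc=cn"; r=$?
    rm -rf "$d"; return "$r"
}
demo || true
```

On a real host, call `check_nss_ldap /etc/nsswitch.conf /etc/ldap.conf "uid=demo,ou=People,dc=isilon,dc=cn"` and confirm the result with `getent passwd demo`, which exercises the same NSS lookup that su uses.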
