-----Original Message----- From: Dan White [mailto:[email protected]] Sent: Friday, March 08, 2013 4:49 PM To: Rodney Simioni Cc: [email protected] Subject: Re: getent passwd inconsistent loginShell with ldapsearch
On 03/08/13 16:14 -0500, Rodney Simioni wrote: >When I do a 'getent check72 passwd' I get: > >check72:*:6072:6072:Johnny Appleseed:/home/check72:/bin/bash What do you expect to see here? [>>>>>>>>]check72:*:6072:6072:Johnny Appleseed:/home/check72:/bin/noshell Presumably you are expecting to either see the password hash value, or an "x" instead of "*". If so, you could have an ACL misconfiguration, or a problem with your ldap nss module. >But when I do a ldapsearch command I get: > ># check72, people, wh.local >dn: uid=check72,ou=people,dc=wh,dc=local >uid: check72 >cn: Johnny Appleseed >objectClass: account >objectClass: posixAccount >objectClass: top >objectClass: shadowAccount >userPassword:: e1NTSEF9OWVHdTdPVHIwVE15ajNQNEphdG9GR1cwZnQxa2Ftb3k= >shadowLastChange: 15140 >shadowMax: 99999 >shadowWarning: 7 >uidNumber: 6072 >gidNumber: 6072 >homeDirectory: /home/check72 >loginShell: /bin/noshell You're seeing /bin/bash in your getent output. That must be an nss ldap problem. Are you sure that 'check72' does not exist in /etc/passwd (or another nss plugin)? [>>>>>>>>] I'm sure it does not exist in /etc/passwd ># check72, group, wh.local >dn: cn=check72,ou=group,dc=wh,dc=local >objectClass: posixGroup >objectClass: top >cn: check72 >gidNumber: 6072 >userPassword:: e0NSWVBUfXg= -- Dan White This email message is intended for the use of the person to whom it has been sent, and may contain information that is confidential or legally protected. If you are not the intended recipient or have received this message in error, you are not authorized to copy, distribute, or otherwise use this message or its attachments. Please notify the sender immediately by return e-mail and permanently delete this message and any attachments. Verio Inc. makes no warranty that this email is error or virus free. Thank you.
