I have installed SL 6.1 On two different servers. One Installed back
2011 in Oct I believe, and second one last December. Anyway I think I
have run into a bug with ldap authentication.
On my newer SL server looks like the ldap client cannot retrieve any
accounts where the account name is shorter than 3 characters. Where as
my older SL server can retrieve them just fine. I checked the version
of the nslcd daemon on both servers and they are both at:
nss-pam-ldapd 0.7.5
Written by Luke Howard and Arthur de Jong.
Copyright (C) 1997-2009 Luke Howard, Arthur de Jong and West Consulting
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
But looking at the size of both the nslcd binaries, I found them to be
of different sizes:
-rwxr-xr-x. 1 root root 133560 Jan 9 09:35 nslcd (The older SL server)
-rwxr-xr-x. 1 root root 138120 May 21 2011 nslcd.otw (The new SL server)
Anyway I fixed my problem by copying the nslcd binary from the older
server to my newer one and now it can pick up the accounts with login
names shorter than 3 characters.
Funny thing is that I could create a local user account with a 2
character login name just fine with useradd. And getent passwd could
pull it up just fine. But if it's on ldap server it would not see the
account.
Anyone else seen this?
--
C. J. Keist Email: [email protected]
Systems Group Manager Solaris 10 OS (SAI)
Engineering Network Services Phone: 970-491-0630
College of Engineering, CSU Fax: 970-491-5569
Ft. Collins, CO 80523-1301
All I want is a chance to prove 'Money can't buy happiness'
