LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

August 2011

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS August 2011

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: LDAP problems with short user names in SL6.1
From:	Jan van Eldik <[log in to unmask]>
Reply To:	Jan van Eldik <[log in to unmask]>
Date:	Sat, 27 Aug 2011 19:37:39 +0200
Content-Type:	text/plain
Parts/Attachments:	text/plain (58 lines)

Hi,

Sounds very much like
https://bugzilla.redhat.com/show_bug.cgi?id=706860 , which contains
a workaround that we have successfully deployed.

     hth, cheers, Jan


On 08/27/2011 01:06 AM, ~Stack~ wrote:
> Good afternoon.
>
> Back history:
> I have run into an odd problem with our old Debian LDAP system with
> SL6.1 clients. I know that this LDAP configuration is old and needs to
> be updated quite a bit (it is on the ever-increasing To-Do list,
> honest!) but it functions rather well for what we need at the moment. I
> am bringing an old inherited system up to date and I started with the
> desktops at our lab. Scientific Linux seemed to fit better with what we
> are doing than the other distros and after a month of testing, I rolled
> out SL6.0. It worked beautifully. So well, in fact, that I am replacing
> the highly mixed environment (6 different Linux distros) by
> standardizing on SL6. Not long after I rolled it out, 6.1 was released.
> I thought I had done due diligence in testing out 6.1 with our servers
> and I thought everything was moving along perfectly. So I rolled out 6.1
> to the desktops. For the vast majority of my users, this roll out went
> smoothly and they love 6.1.
>
> Problem:
> LDAP apparently doesn't like some of my users names. Specifically, I
> have a user named BJ (real birth name; doesn't stand for anything; yes,
> he has heard all the jokes) and another user who prefers to use his
> initials as his login name. For a very long time this has worked just
> fine with this old LDAP system. SL6.0 worked just fine and had no issues
> with two character user names. However, 6.1 does not like them at all.
>
> It seems that LDAP has issues trying to resolve the name and reports
> back that the user name is invalid. All the information I have found
> seems to point to the LDAP server not being correctly set up, but if the
> user logs into the SL6.0 boxes, everything works correctly. It is just
> SL6.1. So I doubt the full extent of the problem lays with the server.
>
> Also, this happens on EVERY 6.1 install. Any user name longer then 3
> characters can log in and use the machine just fine (at least the one
> user with the login 'jim' works; everyone else has 5 or more characters).
>
> Any idea as to why this is happening? The log files are pretty sparse as
> they all just say LDAP user is invalid. Maybe I am not looking in the
> right place?
>
> Has anyone else run into this problem? Is this a bug? Should I try to
> fill out a proper bug report? Should I just give up and make my users
> get a new user name?
>
> Thank you!
> ~Stack~
>

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV