I have installed SL 6.1 On two different servers.  One Installed back 
2011 in Oct I believe, and second one last December.  Anyway I think I 
have run into a bug with ldap authentication.

On my newer SL server looks like the ldap client cannot retrieve any 
accounts where the account name is shorter than 3 characters.  Where as 
my older SL server can retrieve them just fine.  I checked the version 
of the nslcd daemon on both servers and they are both at:

nss-pam-ldapd 0.7.5
Written by Luke Howard and Arthur de Jong.

Copyright (C) 1997-2009 Luke Howard, Arthur de Jong and West Consulting
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

But looking at the size of both the nslcd binaries, I found them to be 
of different sizes:

-rwxr-xr-x. 1 root root 133560 Jan  9 09:35 nslcd  (The older SL server)
-rwxr-xr-x. 1 root root 138120 May 21  2011 nslcd.otw (The new SL server)

Anyway I fixed my problem by copying the nslcd binary from the older 
server to my newer one and now it can pick up the accounts with login 
names shorter than 3 characters.

Funny thing is that I could create a local user account with a 2 
character login name just fine with useradd.  And getent passwd could 
pull it up just fine. But if it's on ldap server it would not see the 
account.

Anyone else seen this?


-- 
C. J. Keist                     Email: [log in to unmask]
Systems Group Manager           Solaris 10 OS (SAI)
Engineering Network Services    Phone: 970-491-0630
College of Engineering, CSU     Fax:   970-491-5569
Ft. Collins, CO 80523-1301

All I want is a chance to prove 'Money can't buy happiness'