LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

January 2012

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS January 2012

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Possible bug in nslcd daemon
From:	"Kinzel, David" <[log in to unmask]>
Reply To:	Kinzel, David
Date:	Mon, 9 Jan 2012 22:08:08 +0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (69 lines)

https://bugzilla.redhat.com/show_bug.cgi?id=706860 should cover this.

>-----Original Message-----
>From: [log in to unmask] 
>[mailto:[log in to unmask]] On 
>Behalf Of CJ Keist
>Sent: Monday, January 09, 2012 2:09 PM
>To: [log in to unmask]
>Subject: Possible bug in nslcd daemon
>
>I have installed SL 6.1 On two different servers.  One Installed back 
>2011 in Oct I believe, and second one last December.  Anyway I think I 
>have run into a bug with ldap authentication.
>
>On my newer SL server looks like the ldap client cannot retrieve any 
>accounts where the account name is shorter than 3 characters.  
>Where as 
>my older SL server can retrieve them just fine.  I checked the version 
>of the nslcd daemon on both servers and they are both at:
>
>nss-pam-ldapd 0.7.5
>Written by Luke Howard and Arthur de Jong.
>
>Copyright (C) 1997-2009 Luke Howard, Arthur de Jong and West Consulting
>This is free software; see the source for copying conditions.  
>There is NO
>warranty; not even for MERCHANTABILITY or FITNESS FOR A 
>PARTICULAR PURPOSE.
>
>But looking at the size of both the nslcd binaries, I found them to be 
>of different sizes:
>
>-rwxr-xr-x. 1 root root 133560 Jan  9 09:35 nslcd  (The older 
>SL server)
>-rwxr-xr-x. 1 root root 138120 May 21  2011 nslcd.otw (The new 
>SL server)
>
>Anyway I fixed my problem by copying the nslcd binary from the older 
>server to my newer one and now it can pick up the accounts with login 
>names shorter than 3 characters.
>
>Funny thing is that I could create a local user account with a 2 
>character login name just fine with useradd.  And getent passwd could 
>pull it up just fine. But if it's on ldap server it would not see the 
>account.
>
>Anyone else seen this?
>
>
>-- 
>C. J. Keist                     Email: [log in to unmask]
>Systems Group Manager           Solaris 10 OS (SAI)
>Engineering Network Services    Phone: 970-491-0630
>College of Engineering, CSU     Fax:   970-491-5569
>Ft. Collins, CO 80523-1301
>
>All I want is a chance to prove 'Money can't buy happiness'
>


This email communication and any files transmitted with it may contain
confidential and or proprietary information and is provided for the use of the
intended recipient only. Any review, retransmission or dissemination of this
information by anyone other than the intended recipient is prohibited. If you
receive this email in error, please contact the sender and delete this
communication and any copies immediately. Thank you.

http://www.encana.com

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV