LinuxQuestions.org
01-28-2011, 09:50 AM   #1
enigma_0Z
Member
 
Registered: Apr 2005
Distribution: Ubuntu, RHEL, Darwin
Posts: 73

Rep: Reputation: 15
RHEL6: LDAP-based Auth, pam_ldap, and uidNumber issues...


I'm trying to migrate from an RHEL4/5 setup to the latest & greatest RHEL6, and we provide a single point of storage for authentication credentials in an LDAP directory.

Currently, all the user IDs are padded out with zeroes when they're written to LDAP (this is an artifact of the DB server that's actually doing the writing). This wasn't a problem with RHEL4 and 5, but apparently, now the pam_ldap module in RHEL6 sees this as a "non-numeric" or invalid user id. If I go and modify the directory and change the first digit to non-zero, it works just fine. Rather than change the entire directory of some 10,000+ users, as well as the way our DB writes out these entries, is there a way to make the pam_ldap module, sssd, or nslcd (or whatever else I need to change) more permissive and allow these padded zeroes?
 
11-22-2011, 02:51 PM   #2
enigma_0Z
Member
 
Registered: Apr 2005
Distribution: Ubuntu, RHEL, Darwin
Posts: 73

Original Poster
Rep: Reputation: 15
*bump* ...

Anyone? We ended up going back to RHEL5 for the time being, but the need to upgrade to 6 is much more pressing this time around... I still can't seem to figure out how to get nslcd to ignore padded zeroes...

For example, an LDAP entry with...

Code:
--snip--
uidNumber: 055555
gidNumber: 055555
--/snip--
yields this line in the logs...

Code:
passwd entry ##### LDAP DN ##### contains non-numeric uidNumber value
as well as a similar entry if the gidNumber is padded... This is just doing a "getent passwd <username>"
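
Added example, not part of the original posts and not a way to make nslcd more permissive: it covers the directory-side route the first post mentions, scanning an LDIF export for zero-padded uidNumber/gidNumber values and writing change records that strip the padding. The sample entries, DNs and function names are constructed, and it assumes the padded values are meant as decimal.

```python
import re

# Constructed sample in "ldapsearch -LLL" style; DNs and values are made up.
SAMPLE_LDIF = """\
dn: uid=alice,ou=People,dc=example,dc=com
uidNumber: 055555
gidNumber: 055555

dn: uid=bob,ou=People,dc=example,dc=com
uidNumber: 1001
gidNumber: 000100

dn: uid=carol,ou=People,dc=example,dc=com
uidNumber: 12a4
gidNumber: 0
"""

ID_ATTRS = ("uidnumber", "gidnumber")
PADDED = re.compile(r"0+[0-9]+")  # decimal digits with at least one leading zero

def find_padded(ldif_text):
    """Return [(dn, attr, old, new)] for zero-padded decimal ID values.
    Folded lines and base64 ("attr::") values are skipped, not decoded."""
    findings, dn = [], None
    for line in ldif_text.splitlines():
        if not line.strip():
            dn = None  # a blank line ends the current record
            continue
        name, sep, value = line.partition(":")
        value = value.strip()
        if sep and name.lower() == "dn":
            dn = value
        elif sep and dn and name.lower() in ID_ATTRS and PADDED.fullmatch(value):
            findings.append((dn, name, value, str(int(value))))
    return findings

def to_modify_ldif(findings):
    """Render findings as LDIF change records, to be reviewed before ldapmodify."""
    by_dn = {}
    for dn, attr, _old, new in findings:
        by_dn.setdefault(dn, []).append((attr, new))
    records = []
    for dn, changes in by_dn.items():
        lines = [f"dn: {dn}", "changetype: modify"]
        for attr, new in changes:
            lines += [f"replace: {attr}", f"{attr}: {new}", "-"]
        records.append("\n".join(lines))
    return "\n\n".join(records) + ("\n" if records else "")

if __name__ == "__main__":
    print(to_modify_ldif(find_padded(SAMPLE_LDIF)), end="")
```

Values that are not purely decimal (such as the constructed `12a4`) are left out of the output and need a manual look.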
 
  


All times are GMT -5.
