Old 01-28-2011, 09:50 AM   #1
Registered: Apr 2005
Distribution: Ubuntu, RHEL, Darwin
Posts: 73

Rep: Reputation: 15
RHEL6: LDAP-based Auth, pam_ldap, and uidNumber issues...

I'm trying to migrate from an RHEL4/5 setup to the latest & greatest RHEL6, and we provide a single point of storage for authentication credentials in an LDAP directory.

Currently, all the user IDs are padded out with zeroes when they're written to LDAP (this is an artifact of the DB server that's actually doing the writing). This wasn't a problem with RHEL4 and 5, but apparently, now the pam_ldap module in RHEL6 sees this as a "non-numeric" or invalid user id. If I go and modify the directory and change the first digit to non-zero, it works just fine. Rather than change the entire directory of some 10,000+ users, as well as the way our DB writes out these entries, is there a way to make the pam_ldap module, sssd, or nslcd (or whatever else I need to change) more permissive and allow these padded zeroes?
Old 11-22-2011, 02:51 PM   #2
Registered: Apr 2005
Distribution: Ubuntu, RHEL, Darwin
Posts: 73

Original Poster
Rep: Reputation: 15
*bump* ...

Anyone? We ended up going back to RHEL5 for the time being, but the need to upgrade to 6 is much more pressing this time around... I still can't seem to figure out how to get nslcd to ignore padded zeroes...

For example, an LDAP entry with...

uidNumber: 055555
gidNumber: 055555
yields this line in the logs...

passwd entry ##### LDAP DN ##### contains non-numeric uidNumber value
as well as a similar entry if the gidNumber is padded... This is just doing a "getent passwd <username>"
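
An audit for the condition described in this thread, added here as an example and not part of the original posts: it scans an LDIF export for uidNumber/gidNumber values written with leading zeroes and renders an ldapmodify change file that normalizes them. The sample entries, DNs and function names are constructed for illustration, and the leading-zero test mirrors the behaviour the poster reports, not nslcd's actual validation code.

```python
import re

# Constructed sample LDIF export (not from the thread); DNs and values are made up.
SAMPLE_LDIF = """\
dn: uid=alice,ou=People,dc=example,dc=com
uid: alice
uidNumber: 055555
gidNumber: 055555

dn: uid=bob,ou=People,dc=example,dc=com
uid: bob
uidNumber: 1001
gidNumber: 000100

dn: uid=carol,ou=People,dc=example,dc=com
uid: carol
uidNumber: 2002
gidNumber: 2002
"""

ID_ATTRS = ("uidnumber", "gidnumber")

def unfold(ldif):
    """Join LDIF continuation lines (a physical line starting with one space)."""
    return re.sub(r"\r?\n ", "", ldif)

def find_padded_ids(ldif):
    """Return [(dn, attr, old, new)] for numeric IDs written with leading zeroes."""
    findings = []
    for entry in re.split(r"\n\s*\n", unfold(ldif).strip()):
        dn = None
        for line in entry.splitlines():
            name, _, value = line.partition(":")
            value = value.strip()  # base64 values ("attr:: ...") are not decoded
            if name.lower() == "dn":
                dn = value
            elif name.lower() in ID_ATTRS and re.fullmatch(r"0+\d+", value):
                findings.append((dn, name, value, str(int(value))))
    return findings

def to_modify_ldif(findings):
    """Render findings as an ldapmodify change file, one record per DN, for review."""
    by_dn = {}
    for dn, attr, _old, new in findings:
        by_dn.setdefault(dn, []).append(f"replace: {attr}\n{attr}: {new}")
    return "\n".join(f"dn: {dn}\nchangetype: modify\n" + "\n-\n".join(mods) + "\n"
                     for dn, mods in by_dn.items())

if __name__ == "__main__":
    print(to_modify_ldif(find_padded_ids(SAMPLE_LDIF)))
```

Before applying any generated change, check how the existing RHEL4/5 clients resolve a padded value with "getent passwd <username>", so the normalized number matches the UID and GID that already own files on disk.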

