Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 05-14-2008, 12:20 PM   #1
LQ Newbie
Registered: Feb 2008
Posts: 1

Rep: Reputation: 0
getent passwd not showing some users

Hey all,

I hope this is the correct forum for this question. If not, I apologies.

We have encountered a strange issue with getent passwd where several of the users that have been given UNIX IDs with in Active Directory do not show while others do. If you execute a getent passwd <specific user> it will display the expected information pertaining to that user.

We are using CentOS 5.1 with OpenLDAP 2.3.27 client. We are also using Windows 2003 R2 for the domain controller.

This problem is not a show stopper but it is a pain. It is an inconsistency that we would like to fix. (I don't like inconsistencies. ~(8-{)} )

Below are the configuration files used on each of the Linux clients. If AD information is needed I will have to drag it out of the windows administrator.

Thanks you all in advance for the help,


======== BEGIN: /etc/ldap.conf ==============
host {Domain Controller1}
port 389
ldap_version 3
base dc=xxx1,dc=xxx2,dc=xxx3
deref always
uri ldap://{Domain Controller1}/

binddn {A user}
bindpw {A password}

ssl no
scope sub
timelimit 30
bind_timelimit 30
idle_timelimit 3600
referrals no

nss_base_passwd dc=xxx1,dc=xxx2,dc=xxx3?sub
nss_base_shadow dc=xxx1,dc=xxx2,dc=xxx3?sub
nss_base_group dc=xxx1,dc=xxx2,dc=xxx3?sub

nss_map_objectclass posixAccount user
nss_map_objectclass posixGroup group
nss_map_objectclass shadowAccount user
nss_map_attribute uniqueMember member
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute gecos name

pam_filter objectclass=user
======== END: /etc/ldap.conf ==============

============ BEGIN: /etc/krb5.conf ===================
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

default_realm = XXX1.XXX2.XXX3
default_tgs_enctypes = des-cbc-crc des-cbc-md5
default_tkt_enctypes = des-cbc-crc des-cbc-md5
default_keytab_name = FILE:/etc/krb5.keytab

dns_lookup_realm = true
dns_lookup_kdc = true
XXX1.XXX2.XXX3 = {
kdc = {Domain Controller1}
kdc = {Domain Controller2}
passwd_server = {Domain Controller1}
admin_server = {Domain Controller1}
default_domain = xxx1.xxx2.xxx3

xxx1.xxx2.xxx3 = XXX1.XXX2.XXX3
.xxx1.xxx2.xxx3 = XXX1.XXX2.XXX3

profile = /var/kerberos/krb5kdc/kdc.conf

pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
============ END: /etc/krb5.conf ===================

============ BEGIN: /etc/samba/smb.conf ===================
workgroup = {WG name}

realm = xxx1.xxx2.xxx3
security = ads

client schannel = no
use spnego = yes
client use spnego = yes

domain master = no
local master = no
preferred master = no
os level = 99

encrypt passwords = yes
password server = {Domain Controller1}
use kerberos keytab = true

log file = /var/log/samba/%m.log
max log size = 50
dns proxy = no
hosts allow = all
============ END: /etc/samba/smb.conf ===================


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
getent passwd only pulls local info - getent group works? epoh Linux - Server 2 03-14-2008 07:56 AM
getent passwd errors - no users added jamiegordon Linux - Software 1 01-03-2008 09:33 AM
nss_ldap not working (getent passwd) WindowBreaker Slackware 2 06-27-2006 02:19 AM
SAMBA getent passwd command doesnt list all the users loganking Linux - Software 0 06-14-2006 11:22 AM
Showing Users from passwd kemplej Programming 1 12-30-2004 10:10 AM > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 01:32 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration