Am Mittwoch, den 15.06.2011, 23:19 +0200 schrieb Arthur de Jong: > On Wed, 2011-06-15 at 01:05 +0200, f...@fkoop.de wrote: > > I configured nsswitch.conf in the following way: > > > > passwd: compat ldap > > group: compat ldap > > shadow: compat ldap > > Is there a particular reason you use compat here? I would recommend > using: > files ldap > unless you also use NIS. >
I tried with both with the same results. Before I had the problems (starting about 2 days ago) I remembered that there was an entry called "compat ldap", that's basically while I used it. But as I do not use NIS , I will change that to "files ldap". > > If I use the command "getent passwd" I get all of the passwd entries > > of the local system and additionally the information about the users > > stored on the ldap server. Any idea how I can further debug the > > situation? > > If you run "getent shadow" as root do you also get all users? Shadow > information needs to be present for pam_unix to work currently. > No entries for shadow in ldap. Is that the reason why it stopped working? If so, is that documented somewhere? I wasn't aware that I need to add shadow information in ldap to be able to use my setup, which has worked for several months before. > If you're using nslcd, could you provide the contents > of /etc/nslcd.conf. Here it is: # /etc/nslcd.conf # nslcd configuration file. See nslcd.conf(5) # for details. # The user and group nslcd should run as. uid nslcd gid nslcd # The location at which the LDAP server(s) should be reachable. uri ldap://192.168.8.3/ # The search base that will be used for all queries. base dc=fkoop,dc=de # The LDAP protocol version to use. ldap_version 3 # The DN to bind with for normal lookups. #binddn cn=annonymous,dc=example,dc=net #bindpw secret # SSL options #ssl off #tls_reqcert never # The search scope. #scope sub > > Also, are you using nscd or unscd? Some users seem to have problems with > that. Does "getent passwd fkoop" produce the output you expect? > I am using nscd and yes, "getent passwd fkoop" produces the expected output. -- Mit freundlichen Grüßen Felix Koop -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
