On Dec 8, Josh Kelley wrote:
On 12/6/05, tom burkart <[EMAIL PROTECTED]> wrote:
Yet "getent passwd | grep <username>" returns the entry from the ldap
directory. The only problem I have found is that "getent shadow | grep
<username>" returns a "<username>:x:::::::0" entry (ie cannot access
shadow info). All these commands are run as root so this should not be an
Did you make sure to set rootbinddn in /etc/ldap.conf and the root
password in /etc/ldap.secret? Otherwise, getent shadow runs as an
unprivileged user, even as root. Did you check permissions on
/etc/ldap.secret (should be mode 0600)?
Yes, yes, correct, yes.
What is more strange is that on both servers this is what gets returned,
yet using samba, one works, the other doesn't.
From my debugging so far:
What is more interesting is that samba actually uses the rootbinddn for
the machine login, then retrieves the user information (correctly). Then
for some reason it switches to the "proxyuser" (as defined in ldap.conf)
which has little privilege, and then does something else which then fails
with the getpwnam error.
I am in the process of making sure every binary on both machines are
identical to see what happens...
tom.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
