Re: [Samba] Re: ldap / username issue
On Tue, 22 Feb 2005 22:47:43 -0700, Craig White <[EMAIL PROTECTED]> wrote: > On Tue, 2005-02-22 at 09:34 -0600, Chris McKeever wrote: > > wondering if anyone has any suggestions on this - beating my head > > against the wall - thanks > > > > > > On Mon, 21 Feb 2005 08:11:48 -0600, Chris McKeever <[EMAIL PROTECTED]> > > wrote: > > > thanks for the reply - > > > nscd is not running, nor is installed > > > > > > On Mon, 21 Feb 2005 08:57:38 -0500, Adam Tauno Williams > > > <[EMAIL PROTECTED]> wrote: > > > > > with some more tinkering I was able to recreate the issue -- > > > > > delete an account out of ldap, readd it and it will not appear via > > > > > getent passwd > > > > > any ideas?? > > > > > > > > Is nscd running? > > Methinks that you should be looking at your DSA with some type of GUI > like GQ or phpldapadmin - where you might discover subtle differences in > the entries that are causing this behavior. > I pulled those using ldapsearch and JAVA LDAP BROWSER = I posted the results a couple posts ago - as far as I can see, they look identical --- any ideas? I cant seem to figure this out at all..thanks dn: uid=cgmckeever, ou=People, dc=prupref,dc=comdn: uid=agent-guest, ou=People, dc=prupref,dc=com objectClass: topobjectClass: top objectClass: person objectClass: person objectClass: organizationalPerson objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: inetOrgPerson objectClass: accountobjectClass: account objectClass: posixaccount objectClass: posixaccount objectClass: shadowaccount objectClass: shadowaccount objectClass: kerberosSecurityObject objectClass: kerberosSecurityObject objectClass: sambaAccount objectClass: sambaAccount sn: McKeeversn: guest givenName: Chris McKeever givenName: agent guest mail: [EMAIL PROTECTED] mail: [EMAIL PROTECTED] shadowLastChange: 11761 shadowLastChange: 11761 shadowMin: -1 shadowMin: -1 shadowMax: 9shadowMax: 9 shadowWarning: -1 shadowWarning: -1 shadowInactive: -1 shadowInactive: -1 shadowExpire: -1shadowExpire: -1 shadowFlag: 7100670 shadowFlag: 7100670 krbName: [EMAIL PROTECTED] krbName: [EMAIL PROTECTED] loginShell: /bin/false loginShell: /bin/false uidNumber: 1277 uidNumber: 49344 gidNumber: 1002 gidNumber: 1002 homeDirectory: /home/ homeDirectory: /home/ gecos: Chris McKeever gecos: agent guest creatorsName: cn=root,dc=prupref,dc=com creatorsName: cn=root,dc=prupref,dc=com createTimestamp: 20030502214502ZcreateTimestamp: 20050218204327Z userPassword:: e01ENX1IZk8z userPassword:: e01ENX01UlhmRF uid: cgmckeever uid: agent-guest pwdLastSet: 1093903956 pwdLastSet: 1108759458 logonTime: 0logonTime: 0 logoffTime: 0 logoffTime: 2147483647 kickoffTime: 0 kickoffTime: 2147483647 pwdCanChange: 0 pwdCanChange: 0 displayName: Chris McKeever displayName: agent guest cn: Chris McKeever cn: agent guest rid: 3554 rid: 99688 primaryGroupID: 3005primaryGroupID: 3005 lmPassword: 6E265BE9lmPassword: A356673D ntPassword: 95A69025ntPassword: 2E6E2DA74 acctFlags: [UX ]acctFlags: [UX ] pwdMustChange: 108696195100 pwdMustChange: 108696195100 modifiersName: cn=root,dc=prupref,dc=commodifiersName: cn=root,dc=prupref,dc=com modifyTimestamp: 20040830221237ZmodifyTimestamp: 20050218204419Z > There are of course limits on the number of records returned from an > ldap query and I don't have a DSA that would reach tho
Re: [Samba] Re: ldap / username issue
final note until I knock my head against the wall - I can chown agent-guest file-name -- which means that the openldap/account handshake is working -- why doesnt getent passwd see certain accounts!?? -rw-r--r--1 agent-gu root 253465 Feb 23 16:55 getent.passwd On Wed, 23 Feb 2005 16:59:51 -0600, Chris McKeever <[EMAIL PROTECTED]> wrote: > some more information: > > if I 'getent shadow' - I can find the accounts in question, but getent > passwd just does not work - however, there are other accounts in the > LDAP, added the same way, and they show up in the 'getent passwd' > > ideas? > > > On Wed, 23 Feb 2005 15:39:35 -0600, Chris McKeever <[EMAIL PROTECTED]> wrote: > > On Tue, 22 Feb 2005 22:47:43 -0700, Craig White <[EMAIL PROTECTED]> wrote: > > > On Tue, 2005-02-22 at 09:34 -0600, Chris McKeever wrote: > > > > wondering if anyone has any suggestions on this - beating my head > > > > against the wall - thanks > > > > > > > > > > > > On Mon, 21 Feb 2005 08:11:48 -0600, Chris McKeever <[EMAIL PROTECTED]> > > > > wrote: > > > > > thanks for the reply - > > > > > nscd is not running, nor is installed > > > > > > > > > > On Mon, 21 Feb 2005 08:57:38 -0500, Adam Tauno Williams > > > > > <[EMAIL PROTECTED]> wrote: > > > > > > > with some more tinkering I was able to recreate the issue -- > > > > > > > delete an account out of ldap, readd it and it will not appear > > > > > > > via getent passwd > > > > > > > any ideas?? > > > > > > > > > > > > Is nscd running? > > > > > > Methinks that you should be looking at your DSA with some type of GUI > > > like GQ or phpldapadmin - where you might discover subtle differences in > > > the entries that are causing this behavior. > > > > > > > I pulled those using ldapsearch and JAVA LDAP BROWSER = I posted the > > results a couple posts ago - as far as I can see, they look identical > > --- any ideas? I cant seem to figure this out at all..thanks > > > > > > dn: uid=cgmckeever, ou=People, dc=prupref,dc=comdn: uid=agent-guest, > > ou=People, dc=prupref,dc=com > > objectClass: topobjectClass: top > > objectClass: person objectClass: person > > objectClass: organizationalPerson objectClass: > > organizationalPerson > > objectClass: inetOrgPerson objectClass: > > inetOrgPerson > > objectClass: accountobjectClass: account > > objectClass: posixaccount objectClass: > > posixaccount > > objectClass: shadowaccount objectClass: > > shadowaccount > > objectClass: kerberosSecurityObject objectClass: > > kerberosSecurityObject > > objectClass: sambaAccount objectClass: > > sambaAccount > > sn: McKeeversn: guest > > givenName: Chris McKeever givenName: agent > > guest > > mail: [EMAIL PROTECTED]mail: [EMAIL PROTECTED] > > shadowLastChange: 11761 shadowLastChange: > > 11761 > > shadowMin: -1 shadowMin: -1 > > shadowMax: 9shadowMax: 9 > > shadowWarning: -1 shadowWarning: -1 > > shadowInactive: -1 shadowInactive: -1 > > shadowExpire: -1shadowExpire: -1 > > shadowFlag: 7100670 shadowFlag: 7100670 > > krbName: [EMAIL PROTECTED] krbName: [EMAIL > > PROTECTED] > > loginShell: /bin/false loginShell: > > /bin/false > > uidNumber: 1277 uidNumber: 49344 > > gidNumber: 1002 gidNumber: 1002 > > homeDirectory: /home/ homeDirectory: > > /home/ > > gecos: Chris McKeever gecos: agent guest > > creatorsName: cn=root,dc=prupref,dc=com creatorsName: > > cn=root,dc=prupref,dc=com > > createTimestamp: 20030502214502ZcreateTimestamp: > > 20050218204327Z > > userPassword:: e01ENX1IZk8z userPassword:: > > e01ENX01UlhmRF > > uid: cgmckeever uid: agent-guest > > pwdLastSet: 1093903956 pwdLastSet: > > 1108759458 > > logonTime: 0logonTime: 0 > > logoffTime: 0 logoffTime: > > 2147483647 > > kickoffTime: 0 kickoffTime: > > 2147483647 > > pwdCanChange: 0 pwdCanChange: 0 > > displayName: Chris McKeever dis
Re: [Samba] Re: ldap / username issue
some more information: if I 'getent shadow' - I can find the accounts in question, but getent passwd just does not work - however, there are other accounts in the LDAP, added the same way, and they show up in the 'getent passwd' ideas? On Wed, 23 Feb 2005 15:39:35 -0600, Chris McKeever <[EMAIL PROTECTED]> wrote: > On Tue, 22 Feb 2005 22:47:43 -0700, Craig White <[EMAIL PROTECTED]> wrote: > > On Tue, 2005-02-22 at 09:34 -0600, Chris McKeever wrote: > > > wondering if anyone has any suggestions on this - beating my head > > > against the wall - thanks > > > > > > > > > On Mon, 21 Feb 2005 08:11:48 -0600, Chris McKeever <[EMAIL PROTECTED]> > > > wrote: > > > > thanks for the reply - > > > > nscd is not running, nor is installed > > > > > > > > On Mon, 21 Feb 2005 08:57:38 -0500, Adam Tauno Williams > > > > <[EMAIL PROTECTED]> wrote: > > > > > > with some more tinkering I was able to recreate the issue -- > > > > > > delete an account out of ldap, readd it and it will not appear via > > > > > > getent passwd > > > > > > any ideas?? > > > > > > > > > > Is nscd running? > > > > Methinks that you should be looking at your DSA with some type of GUI > > like GQ or phpldapadmin - where you might discover subtle differences in > > the entries that are causing this behavior. > > > > I pulled those using ldapsearch and JAVA LDAP BROWSER = I posted the > results a couple posts ago - as far as I can see, they look identical > --- any ideas? I cant seem to figure this out at all..thanks > > > dn: uid=cgmckeever, ou=People, dc=prupref,dc=comdn: uid=agent-guest, > ou=People, dc=prupref,dc=com > objectClass: topobjectClass: top > objectClass: person objectClass: person > objectClass: organizationalPerson objectClass: > organizationalPerson > objectClass: inetOrgPerson objectClass: > inetOrgPerson > objectClass: accountobjectClass: account > objectClass: posixaccount objectClass: > posixaccount > objectClass: shadowaccount objectClass: > shadowaccount > objectClass: kerberosSecurityObject objectClass: > kerberosSecurityObject > objectClass: sambaAccount objectClass: > sambaAccount > sn: McKeeversn: guest > givenName: Chris McKeever givenName: agent guest > mail: [EMAIL PROTECTED]mail: [EMAIL PROTECTED] > shadowLastChange: 11761 shadowLastChange: > 11761 > shadowMin: -1 shadowMin: -1 > shadowMax: 9shadowMax: 9 > shadowWarning: -1 shadowWarning: -1 > shadowInactive: -1 shadowInactive: -1 > shadowExpire: -1shadowExpire: -1 > shadowFlag: 7100670 shadowFlag: 7100670 > krbName: [EMAIL PROTECTED] krbName: [EMAIL PROTECTED] > loginShell: /bin/false loginShell: /bin/false > uidNumber: 1277 uidNumber: 49344 > gidNumber: 1002 gidNumber: 1002 > homeDirectory: /home/ homeDirectory: /home/ > gecos: Chris McKeever gecos: agent guest > creatorsName: cn=root,dc=prupref,dc=com creatorsName: > cn=root,dc=prupref,dc=com > createTimestamp: 20030502214502ZcreateTimestamp: > 20050218204327Z > userPassword:: e01ENX1IZk8z userPassword:: > e01ENX01UlhmRF > uid: cgmckeever uid: agent-guest > pwdLastSet: 1093903956 pwdLastSet: 1108759458 > logonTime: 0logonTime: 0 > logoffTime: 0 logoffTime: 2147483647 > kickoffTime: 0 kickoffTime: > 2147483647 > pwdCanChange: 0 pwdCanChange: 0 > displayName: Chris McKeever displayName: agent > guest > cn: Chris McKeever cn: agent guest > rid: 3554 rid: 99688 > primaryGroupID: 3005primaryGroupID: 3005 > lmPassword: 6E265BE9lmPassword: A356673D > ntPassword: 95A69025ntPassword: 2E6E2DA74 > acctFlags: [UX ]acctFlags: [UX > ] > pwdMustChange: 108696195100 pwdM
Re: [Samba] Re: ldap / username issue
On Wed, 2005-02-23 at 16:59 -0600, Chris McKeever wrote: > some more information: > > if I 'getent shadow' - I can find the accounts in question, but getent > passwd just does not work - however, there are other accounts in the > LDAP, added the same way, and they show up in the 'getent passwd' > I understand you are eager for someone to solve your issue. Unfortunately, you are the one in the best position to do that and it would seem to me that no amount of data dumps that you post are likely to have someone solve this problem as it clearly isn't an obvious problem. In theory, if you did a 'getent passwd' > /tmp/passwd_and_ldap and then did a diff between that file and your /etc/passwd, the difference should represent the entries coming from your DSA if properly configured using the padl tools like nsswitch I suggested that you use the GUI tools to examine accounts that are in LDAP - those that appear in getent passwd and those that don't. You could slapcat your DSA - delete the files and reload from the ldif created by slapcat. Perhaps you are having problems with LDAP storage/retrieval. Turn up your logging level on ldap I guess that this isn't a samba issue but an ldap issue - possibly with the other tools on your system - nscd (try turning it off). Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: ldap / username issue
On Tue, 2005-02-22 at 09:34 -0600, Chris McKeever wrote: > wondering if anyone has any suggestions on this - beating my head > against the wall - thanks > > > On Mon, 21 Feb 2005 08:11:48 -0600, Chris McKeever <[EMAIL PROTECTED]> wrote: > > thanks for the reply - > > nscd is not running, nor is installed > > > > On Mon, 21 Feb 2005 08:57:38 -0500, Adam Tauno Williams > > <[EMAIL PROTECTED]> wrote: > > > > with some more tinkering I was able to recreate the issue -- > > > > delete an account out of ldap, readd it and it will not appear via > > > > getent passwd > > > > any ideas?? > > > > > > Is nscd running? Methinks that you should be looking at your DSA with some type of GUI like GQ or phpldapadmin - where you might discover subtle differences in the entries that are causing this behavior. There are of course limits on the number of records returned from an ldap query and I don't have a DSA that would reach those limits to conduct experiments. Craig -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: ldap / username issue
wondering if anyone has any suggestions on this - beating my head against the wall - thanks On Mon, 21 Feb 2005 08:11:48 -0600, Chris McKeever <[EMAIL PROTECTED]> wrote: > thanks for the reply - > nscd is not running, nor is installed > > On Mon, 21 Feb 2005 08:57:38 -0500, Adam Tauno Williams > <[EMAIL PROTECTED]> wrote: > > > with some more tinkering I was able to recreate the issue -- > > > delete an account out of ldap, readd it and it will not appear via getent > > > passwd > > > any ideas?? > > > > Is nscd running? > > > > > > > > -- > -- > please respond to the list .. if you need to contact me direct > cgmckeever is the account > prupref.com is the domain > > http://www.prupref.com";>Simply Chicago Real Estate > -- -- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain http://www.prupref.com";>Simply Chicago Real Estate -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: ldap / username issue
thanks for the reply - nscd is not running, nor is installed On Mon, 21 Feb 2005 08:57:38 -0500, Adam Tauno Williams <[EMAIL PROTECTED]> wrote: > > with some more tinkering I was able to recreate the issue -- > > delete an account out of ldap, readd it and it will not appear via getent > > passwd > > any ideas?? > > Is nscd running? > > > -- -- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain http://www.prupref.com";>Simply Chicago Real Estate -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: ldap / username issue
> with some more tinkering I was able to recreate the issue -- > delete an account out of ldap, readd it and it will not appear via getent > passwd > any ideas?? Is nscd running? signature.asc Description: This is a digitally signed message part -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
