On Thu, Oct 21, 2004 at 10:37:22AM -0700, Mark wrote:
> I have LDAP set up to do userid, groupid and password handling for me.
> I added "ldap" to 3 categories in nsswitch: passwd, shadow and group
> Do I need to add LDAP to any others?
>
> The problem I have is the following:
> I can log on with a user (for example bob) that is set up in the LDAP
> directory and does not exist locally.
> When bob logs in, there are error messages saying:
> id: cannot find name for user ID 20002
> id: cannot find name for group ID 20001
> id: cannot find name for group ID 20003
> id: cannot find name for group ID 20002
> id: cannot find name for group ID 20000
>
> If bob does "finger bob" or "groups bob", it says no such user.
>
> If root does "finger bob" or "groups bob", everything comes up fine.
>
> Is this a permission problem that prevents users other than root from
> using LDAP?

Nine times out of ten, this means that the permissions on
/etc/nsswitch.conf are set up so that root can read it but bob can't, so
applications which bob runs fall back to glibc's compiled-in defaults for
the settings which are stored in that file.

HTH,

Nalin
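
A check for the cause described in the reply above, as an added example that is not part of the original thread. The function names are hypothetical, and it assumes /etc/nsswitch.conf is owned by root:root, so the "other" permission bits decide whether an ordinary user such as bob can read it.

```shell
#!/bin/sh
# Added example: diagnose an nsswitch.conf that root can read but users cannot.
# Usage: source this file, then run: check_nsswitch [/path/to/nsswitch.conf]

# Succeeds if "other" has read permission on the file given as $1.
other_can_read() {
    [ -e "$1" ] || return 2
    # The 8th character of the ls mode string is the "other read" bit.
    [ "$(ls -ld "$1" | cut -c8)" = "r" ]
}

# Print each database in file $1 whose source list names ldap.
ldap_databases() {
    sed -e 's/#.*//' "$1" | awk -F: '
        NF >= 2 {
            db = $1; gsub(/[ \t]/, "", db)
            n = split($2, src, /[ \t]+/)
            for (i = 1; i <= n; i++)
                if (src[i] == "ldap") { print db; break }
        }'
}

# Report on file $1 (default /etc/nsswitch.conf); non-zero means a problem.
check_nsswitch() {
    f=${1:-/etc/nsswitch.conf}
    if [ ! -e "$f" ]; then
        echo "PROBLEM: $f does not exist"
        return 2
    fi
    dbs=$(ldap_databases "$f" | tr '\n' ' ')
    if other_can_read "$f"; then
        echo "OK: $f is readable by ordinary users (ldap used for: $dbs)"
        return 0
    fi
    echo "PROBLEM: $f is not readable by ordinary users"
    echo "  lookups made by non-root users ignore its ldap entries for: $dbs"
    echo "  fix (as root): chmod 644 $f"
    ls -ld "$f"
    return 1
}
```

Running `getent passwd bob` as bob before and after the permission fix confirms whether the lookup now reaches LDAP.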