On 06/23/2010 06:45 AM, Eric Doutreleau wrote:
> I'm trying to set up sssd 1.2 on our network and I have strange behaviour
> with it
>
> here is my config
>
> [sssd]
> config_file_version = 2
>
> reconnection_retries = 3
>
> sbus_timeout = 30
> services = nss, pam
>
> domains = default
> [nss]
> filter_groups = root
> filter_users = root
> reconnection_retries = 3
>
> [pam]
> reconnection_retries = 3
>
> [domain/default]
>
> ldap_id_use_start_tls = False
> ldap_tls_reqcert = never
> cache_credentials = True
> ldap_search_base = dc=int-evry,dc=fr
> ldap_user_search_base = ou=People,dc=int-evry,dc=fr
> ldap_group_search_base = ou=Group,ou=System,dc=int-evry,dc=fr
> chpass_provider = none
> id_provider = ldap
> auth_provider = ldap
> debug_level = 9
> min_id = 1
> ldap_uri = ldap://ldapdev.int-evry.fr/
> ldap_schema = rfc2307
> access_provider = ldap
> ldap_access_filter = IntEPersInetServ=*unix-int*
> ldap_default_bind_dn = cn=mcibind,ou=System,dc=int-evry,dc=fr
> ldap_default_authtok_type = password
> ldap_default_authtok = xxxxxx
> enumerate = True
> create_homedir = False
>
> but when I connect to the machine I get the following message
> ssh doutrele@b008-07
> Last login: Wed Jun 23 15:21:10 2010 from 157.159.21.133
> id: cannot find name for user ID 14517
> id: cannot find name for group ID 145
> id: cannot find name for user ID 14517
> $ id
> uid=14517 gid=145 groupes=145,146,160,401,1000000,1000008
> $ id doutrele
> id: doutrele : No such user
> if I run ldapsearch I can access the value
>
> ldapsearch -x uidNumber=14517 -b dc=int-evry,dc=fr -h
> ldapdev.int-evry.fr -D cn=mcibind,ou=system,dc=int-evry,dc=fr -W uid cn
> gidNumber uidNumber Gecos
> Enter LDAP Password:
> # extended LDIF
> #
> # LDAPv3
> # base<dc=int-evry,dc=fr> with scope subtree
> # filter: uidNumber=14517
> # requesting: uid cn gidNumber uidNumber Gecos
> #
>
> # doutrele, People, int-evry.fr
> dn: uid=doutrele,ou=People,dc=int-evry,dc=fr
> uidNumber: 14517
> gidNumber: 145
> uid: doutrele
> gecos: Eric DOUTRELEAU
> cn: Eric DOUTRELEAU
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 2
> # numEntries: 1
>
> it looks like a problem with access to the data but I can't see where the
> problem is.
> is there a way to see what is in the local cache?

Have you configured /etc/nsswitch.conf? You need something like:

    passwd: files ldap
    shadow: files ldap
    group: files ldap

or the system won't know to look at LDAP (or the nscd cache if you have it
running) to supplement the /etc/passwd, /etc/shadow or /etc/group files.

Try "getent passwd". You should see the data from your /etc/passwd file
AND your LDAP data. If you don't see the LDAP data, then the odds are your
nsswitch.conf isn't set up.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, C2 Hosting          ricks@xxxxxxxx -
- AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
-                                                                    -
-        "If you can't fix it...duct tape it!"  -- Tim Allen         -
----------------------------------------------------------------------
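
A check for the nsswitch.conf setup the reply above asks about, as an added example that is not part of the original thread: it parses the file and reports, for passwd, shadow and group, whether a given source is listed and whether an earlier [NOTFOUND=return] action would stop the lookup before reaching it. The sample file and the function names are constructed for illustration; the source name is a parameter (ldap as in the reply; sss is the name SSSD's own NSS module uses).

```python
import re

# Constructed sample, not taken from the poster's machine.
SAMPLE = """\
# /etc/nsswitch.conf (constructed sample)
passwd:     files ldap
shadow:     files
group:      files [NOTFOUND=return] ldap
hosts:      files dns
"""

def parse_nsswitch(text):
    """Return {database: [tokens]}; a token is a source or a [STATUS=action] item."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments
        if not line or ":" not in line:
            continue
        db, rest = line.split(":", 1)
        # Action items may contain spaces: "[SUCCESS=return NOTFOUND=continue]"
        table[db.strip()] = re.findall(r"\[[^\]]*\]|\S+", rest)
    return table

def check_source(text, source="ldap", databases=("passwd", "shadow", "group")):
    """Per database: 'ok', 'absent', 'unreachable' or 'missing' (no line at all)."""
    table = parse_nsswitch(text)
    report = {}
    for db in databases:
        tokens = table.get(db)
        if tokens is None:
            report[db] = "missing"
            continue
        status, blocked = "absent", False
        for tok in tokens:
            if tok.startswith("["):
                # NOTFOUND=return ends the lookup when the preceding source
                # has no entry, so later sources are never consulted for it.
                if re.search(r"(?<!!)NOTFOUND\s*=\s*return", tok, re.I):
                    blocked = True
            elif tok.lower() == source:
                status = "unreachable" if blocked else "ok"
                break
        report[db] = status
    return report

if __name__ == "__main__":
    for db, status in check_source(SAMPLE).items():
        print(f"{db:8s} {status}")
```

Run it against the real file with `check_source(open("/etc/nsswitch.conf").read(), "sss")`, then confirm with `getent passwd` as the reply suggests.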