getent not returning information expected.
Kyle L
anzenketh at gmail.com
Tue Oct 22 08:53:13 MDT 2013
I setup nslcd in accordance with
https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd
verified
that it is working(sortof) due when I remove ldap from nsswitch.conf some
of the entries to not appear. However some of the expected entries namely
The group parents and the user klaw and the User Administrator
# ldapsearch -H ldap://localhost:389 -U Administrator -b
"OU=Parents,dc=lawhome,dc=anzenketh,dc=local" |grep sAMAccountName
SASL/NTLM authentication started
Please enter your password:
SASL username: Administrator
SASL SSF: 0
sAMAccountName: klaw
sAMAccountName: anzenketh
sAMAccountName: icehollow
sAMAccountName: Parents
#
# getent passwd |grep klaw
# getent passwd |grep Administrator
# getent group |grep Parents
# getent group |grep icehollow
Domain Users:*:10000:anzenketh,icehollow
#
# nslcd --version
nss-pam-ldapd 0.8.4
Written by Luke Howard and Arthur de Jong.
Copyright (C) 1997-2011 Luke Howard, Arthur de Jong and West Consulting
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
The following is my config with supplemented sensitive information:
# /etc/nslcd.conf
# nslcd configuration file. See nslcd.conf(5)
# for details.
# The user and group nslcd should run as.
uid nslcd
gid nslcd
# The location at which the LDAP server(s) should be reachable.
uri ldap://127.0.0.1:389
# The search base that will be used for all queries.
base dc=lawhome,dc=anzenketh,dc=local
#Settings for AD
pagesize 1000
referrals off
# Filters (only required if your accounts doesn't have
objectClass=posixAccount
# and your groups haven't objectClass=posixGroup. This objectClasses won't
be added
# by ADUC. So they won't be there automatically!)
filter passwd (objectClass=user)
filter group (objectClass=group)
# Attribut mappings (depending on your nslcd version, some might not be
# necessary or can cause errors and can/must be removed)
map passwd uid sAMAccountName
map passwd homeDirectory unixHomeDirectory
map passwd gecos displayName
map passwd gidNumber primaryGroupID
#map group uniqueMember member
# The LDAP protocol version to use.
#ldap_version 3
# The DN to bind with for normal lookups.
binddn cn=User,cn=Users,DC=lawhome,DC=anzenketh,DC=local
bindpw secretpassword
More information about the samba-technical
mailing list