getent not returning information expected.

Kyle L anzenketh at gmail.com
Tue Oct 22 08:53:13 MDT 2013 

I setup nslcd in accordance with
https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd
verified
that it is working(sortof) due when I remove ldap from nsswitch.conf some
of the entries to not appear. However some of the expected entries namely
The group parents and the user klaw and the User Administrator


# ldapsearch -H ldap://localhost:389 -U Administrator -b
"OU=Parents,dc=lawhome,dc=anzenketh,dc=local" |grep sAMAccountName
SASL/NTLM authentication started
Please enter your password:
SASL username: Administrator
SASL SSF: 0
sAMAccountName: klaw
sAMAccountName: anzenketh
sAMAccountName: icehollow
sAMAccountName: Parents
#


# getent passwd |grep klaw
# getent passwd |grep Administrator
# getent group |grep Parents

# getent group |grep icehollow
Domain Users:*:10000:anzenketh,icehollow
#


# nslcd --version
nss-pam-ldapd 0.8.4
Written by Luke Howard and Arthur de Jong.

Copyright (C) 1997-2011 Luke Howard, Arthur de Jong and West Consulting
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#


The following is my config with supplemented sensitive information:

# /etc/nslcd.conf
# nslcd configuration file. See nslcd.conf(5)
# for details.

# The user and group nslcd should run as.
uid nslcd
gid nslcd

# The location at which the LDAP server(s) should be reachable.
uri ldap://127.0.0.1:389

# The search base that will be used for all queries.
base dc=lawhome,dc=anzenketh,dc=local

#Settings for AD
pagesize 1000
referrals off

# Filters (only required if your accounts doesn't have
objectClass=posixAccount
# and your groups haven't objectClass=posixGroup. This objectClasses won't
be added
# by ADUC. So they won't be there automatically!)
filter  passwd  (objectClass=user)
filter  group   (objectClass=group)

# Attribut mappings (depending on your nslcd version, some might not be
# necessary or can cause errors and can/must be removed)
map     passwd  uid                sAMAccountName
map     passwd  homeDirectory      unixHomeDirectory
map     passwd  gecos              displayName
map     passwd  gidNumber          primaryGroupID
#map     group   uniqueMember       member

# The LDAP protocol version to use.
#ldap_version 3

# The DN to bind with for normal lookups.
binddn cn=User,cn=Users,DC=lawhome,DC=anzenketh,DC=local
bindpw secretpassword

More information about the samba-technical mailing list