[Samba] [more info] getpwnam fails on ldap

Josh Kelley joshkel at gmail.com
Thu Dec 8 14:53:04 GMT 2005

On 12/6/05, tom burkart <samba at aussec.com> wrote:
> Yet "getent passwd | grep <username>" returns the entry from the ldap
> directory.  The only problem I have found is that "getent shadow | grep
> <username>" returns a "<username>:x:::::::0" entry (ie cannot access
> shadow info).  All these commands are run as root so this should not be an
> issue.  But this seems to clear samba of being at fault and seems to point
> at nss_ldap.  I am somewhat guessing so I could be wrong here.

Did you make sure to set rootbinddn in /etc/ldap.conf and the root
password in /etc/ldap.secret?  Otherwise, getent shadow runs as an
unprivileged user, even as root.  Did you check permissions on
/etc/ldap.secret (should be mode 0600)?

Josh Kelley

More information about the samba mailing list