<div>Hi all,</div>
<div>I'm running openldap-2.2.23-5 on FC4 with nss_ldap. I was able to start the server and populate the db using smbldap-tool; ldapsearch works and smbldap-useradd works, but I can't seem to get the name switch to work. I tried both "files ldap" and "compat ldap" for passwd/shadow/group. PAM system-auth seems to be OK.
</div>
<div>I think I should be able to see the ldap users when I do "getent passwd", but this only shows the passwd file content.</div>
<div>Please help!</div>
<div> </div>
<div>Many thanks!</div>
<div> </div>
<div>- Yang</div>
<div> </div>
<div>#system-auth</div>
<div>#%PAM-1.0<br># This file is auto-generated.<br># User changes will be destroyed the next time authconfig is run.<br>auth required /lib/security/$ISA/pam_env.so<br>auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok
<br>auth sufficient /lib/security/$ISA/pam_ldap.so use_first_pass<br>auth required /lib/security/$ISA/pam_deny.so</div>
<div>
<p>account required /lib/security/$ISA/pam_unix.so broken_shadow<br>account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet<br>account [default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_ldap.so
<br>account required /lib/security/$ISA/pam_permit.so</p>
<p>password requisite /lib/security/$ISA/pam_cracklib.so retry=3<br>password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow<br>password sufficient /lib/security/$ISA/pam_ldap.so use_authtok
<br>password required /lib/security/$ISA/pam_deny.so</p>
<p>session required /lib/security/$ISA/pam_limits.so<br>session required /lib/security/$ISA/pam_unix.so<br>session optional /lib/security/$ISA/pam_ldap.so</p>
<p>#NSSWITCH</p>
<p>passwd: compat ldap<br>group: compat ldap</p>
<p>hosts: files dns<br>networks: files dns</p>
<p>services: files ldap<br>protocols: files ldap<br>rpc: files<br>ethers: files<br>netmasks: files<br>netgroup: files ldap<br>publickey: files</p>
<p>bootparams: files<br>automount: files ldap<br>aliases: files</p>
<p>shadow: compat ldap</p>
<p>#/etc/ldap.conf</p>
<p>host 127.0.0.1<br>base dc=xxx,dc=com<br># stored in /etc/ldap.secret (mode 600)<br>rootbinddn cn=nssldap,ou=DSA,dc=xxx,dc=com
</p>
<p>nss_base_passwd ou=Users,dc=xxx,dc=com?one<br>nss_base_passwd ou=Computers,dc=xxx,dc=com?one<br>nss_base_shadow ou=Users,dc=xxx,dc=com?one<br>nss_base_group ou=Groups,dc=xxx,dc=com?one
</p>
<p>pam_password md5<br>ssl no<br></p></div>