[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: Authentication and group/username resolving problem



Thank you for the response.
I checked permissions, bob can read (with less) the file.
I also checked /etc/pam.d that one and system-auth in there were 700 and 600
and I changed that to 755 and 644 (not sure what they are supposed to be).
But it didn't fix it either...

Do you have another idea?

Thanks,

MARK


> -----Original Message-----
> From: fedora-list-bounces redhat com 
> [mailto:fedora-list-bounces redhat com] On Behalf Of Nalin Dahyabhai
> Sent: Thursday, October 21, 2004 10:49 AM
> To: fedora-list redhat com
> Subject: Re: Authentication and group/username resolving problem
> 
> 
> On Thu, Oct 21, 2004 at 10:37:22AM -0700, Mark wrote:
> > I have LDAP setup to do userid, groupid and password 
> handling for me.
> > I added "ldap" to 3 categories in nsswitch: passwd, shadow and group
> > Do I need to add LDAP to any others?
> > 
> > The problem I have is the following:
> > I can logon with a user (for example bob) that is setup in the LDAP
> > directory and does not exist locally.
> > When bob logs in, there is are error messages saying :
> > id: cannot find name for user ID 20002
> > id: cannot find name for group ID 20001
> > id: cannot find name for group ID 20003
> > id: cannot find name for group ID 20002
> > id: cannot find name for group ID 20000
> > 
> > If bob does "finger bob" or "groups bob", it says no such user.
> > 
> > If root does "finger bob" or "groups bob", everything comes up fine.
> >
> > Is this a permission problem that prevents users other than 
> root to use
> > LDAP?
> 
> Nine times out of ten, this means that the permissions on
> /etc/nsswitch.conf are set up so that root can read it but 
> bob can't, so
> applications which bob runs fall back to glibc's compiled-in defaults
> for the settings which are stored in that file.
> 
> HTH,
> 
> Nalin
> 
> -- 
> fedora-list mailing list
> fedora-list redhat com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
> 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]