[Fwd: [K12OSN] RE: K12ltsp login]
Rob Owens
rowens at ptd.net
Thu Jan 22 01:38:55 UTC 2009
Do you have a local user and an LDAP user with the same name? If so, the local user and the LDAP user will have different UID's. What *could* happen is that you authenticate to the LDAP server as "bob" with UID 10001, but your home directory is owned by "bob" with UID 1001 (different UID). *Maybe* that's what's causing your problems.
-Rob
On Wed, Jan 21, 2009 at 04:04:07PM -0800, Bob Mead wrote:
> Turns out that my username and pwd do not work, but everyone else's
> does. Poor testing regimen on my part. That said, I cannot figure out
> what is wrong with my profile. It has the same permissions as everyone
> else. It works on all other servers I log into. Just not *this one*.
> Given that I had the previous problem with my .dmrc file, I can see that
> there is an ongoing problem here that I did not solve by fixing the
> .dmrc issue.
>
> I tried tailing /var/log/messages on the ldap server to see what happens
> when I login vs. anyone else. I copied the very first message of
> successive logins as user <test1> and then as <me>. As you can see
> below, the <test1> user has an additional filter
> (&(objectClass=posixAccount) that I do not:
>
> Jan 21 15:41:48 <server name> slapd[4228]: conn=121233 op=1 SRCH
> base="dc=slane,dc=k12,dc=or,dc=us" scope=2
> filter="(&(objectClass=posixAccount)(uid=<test1>))"
>
> Jan 21 15:37:03 <server name> slapd[5920]: conn=120122 op=1 SRCH
> base="dc=slane,dc=k12,dc=or,dc=us" scope=2 filter="(uid=<me>)"
>
> The other messages that follow all have the "extra" filter for either
> login uid.
>
> I would like to tell you the version of openldap we run, but I have been
> unsuccessful in finding out how to do this. The el5 install is x86.
>
> Anyone have a thought on how to check out my profile and why its
> failing? Or how to tell the version of ldap?
>
> Thanks,
> ~bob
>
> Barry Cisna wrote:
> >Bob,
> >
> >try the following. create a new user johnsmith. then;
> >' chmod -c -R 777 /home/johnsmith '
> >see if johnsmith can login.
> >if johnsmith can not login look in /messages log and see what the exact
> >error is.
> >Also I may haved missed? what version is the ldap server and is your el5
> >x86 or _x64?
> >let us know your finding,please.
> >
> >Take Care,
> >Barry Cisna
> >
> >_______________________________________________
> >K12OSN mailing list
> >K12OSN at redhat.com
> >https://www.redhat.com/mailman/listinfo/k12osn
> >For more info see <http://www.k12os.org>
> >
> >
> begin:vcard
> fn:Bob Mead
> n:Mead;Bob
> org:South Lane School District;Technology Services Center
> email;internet:bmead at lane.k12.or.us
> title:Network Specialist
> tel;work:541.762.1124
> version:2.1
> end:vcard
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
More information about the K12OSN
mailing list