missing user name
Harris, Todd
Brian.Harris at progeny.net
Wed Aug 1 15:10:04 UTC 2012
SELinux is not running on any of these systems.
-----Original Message-----
From: Daniel J Walsh [mailto:dwalsh at redhat.com]
Sent: Wednesday, August 01, 2012 8:30 AM
To: Harris, Todd
Cc: Saunders, Thomas D. II; linux-audit at redhat.com
Subject: Re: missing user name
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/31/2012 04:33 PM, Harris, Todd wrote:
> We are using a product called Likewise, which was purchased by beyond
> trust. I don?t know if I mentioned it before but the system works on
> the other rhel nodes we have.
>
>
Any SELinux issues?
>
> *From:*Saunders, Thomas D. II [mailto:THOMAS.D.SAUNDERS.II at saic.com]
> *Sent:* Tuesday, July 31, 2012 3:16 PM *To:* Harris, Todd;
> linux-audit at redhat.com *Subject:* RE: missing user name
>
>
>
> Are you using OpenLDAP to connect to MS AD servers?
>
>
>
> Tom Saunders | SAIC Senior Information Assurance & Security Engineer phone:
> 540-653-0986 | fax 540-663-0640
>
> mobile: 540-408-3087| email: SaundersT at saic.com
> <mailto:SaundersT at saic.com> SIPRnet:
> Thomas.D.Saunders at us.army.smil.mil
> <mailto:Thomas.D.Saunders at us.army.smil.mil>
>
> SIPRnet: Thomas.Saunders at navy.smil.mil
> <mailto:Thomas.Saunders at navy.smil.mil>
>
>
>
> Science Applications International Corporation SAIC 16442 Commerce
> Drive King George, VA 22485
>
> www.saic.com <http://www.saic.com/>
>
>
>
>
>
> ----------------------------------------------------------------------
> ----------
>
> *From:*linux-audit-bounces at redhat.com
> <mailto:linux-audit-bounces at redhat.com> on behalf of Harris, Todd
> *Sent:* Tue 7/31/2012 3:06 PM *To:* linux-audit at redhat.com
> <mailto:linux-audit at redhat.com> *Subject:* missing user name
>
> I?m looking at a problem that has me really scratching my head.
>
>
>
> I?ve got a rhel 5.4 system that?s using likewise and active directory
> to authenticate users, at least ones that are not defined locally.
> Locally defined users work just fine, but any user that is defined in
> the active directory server is showing up in events as ?unknown(uid)?
> the uid appears to be filled out correctly, and if the user is defined
> locally as well as in active directory it works just fine, but that
> kind of defeats the purpose. Also failed logins are showing up
> correctly, but I can?t figure out what they have done to their system
> to cause this. Can anyone give me a little direction on where I
> should look to determine what?s actually going on. I haven?t been
> able to determine how the system actually resolves the user names.
>
>
>
> Don?t know if this is important but we are using the prelude plugin
> and where we notice the discrepancy is in the output from the
> prelude-manager, I have not looked to see if it?s wrong in the aureords.
>
>
>
> _______________________________
>
> Todd Harris
>
> Progeny Systems
>
> Office Number: 703-368-6107 ext517
>
>
>
>
>
>
>
> -- Linux-audit mailing list Linux-audit at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAlAZIU8ACgkQrlYvE4MpobPxqgCguRHT0pqj8ZkRzyOTGrOm9BNP
PM0AoKDWAtY8OVQqzJbcM9QGQJmrDfzc
=cCap
-----END PGP SIGNATURE-----
More information about the Linux-audit
mailing list