--_000_4B4F50906B76C1459E6ABD9205FB8DE6A56580RHVEXRDAS51corpeb_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
Thanks a lot for the information. I have the following configurations, coul= d you check and help me to fix the NSS config.
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=3Dreturn]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# nis or yp Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# db Use the local database (.db) files
# compat Use NIS on compat mode
# hesiod Use Hesiod for user lookups
# ldap Use LDAP (only if nss_ldap is installed)
# nisplus or nis+ Use NIS+ (NIS version 3), unsupported
# [NOTFOUND=3Dreturn] Stop searching if not found so far
#
# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd: db files ldap nis
#shadow: db files ldap nis
#group: db files ldap nis
passwd: files
shadow: files
group: files
#hosts: db files ldap nis dns
hosts: files dns
# Example - obey only what ldap tells us...
#services: ldap [NOTFOUND=3Dreturn] files
#networks: ldap [NOTFOUND=3Dreturn] files
#protocols: ldap [NOTFOUND=3Dreturn] files
#rpc: ldap [NOTFOUND=3Dreturn] files
#ethers: ldap [NOTFOUND=3Dreturn] files
bootparams: files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: files
publickey: files
automount: files
aliases: files
[root@ppdoldap01 etc]# uptime
18:02:10 up 230 days, 10:53, 2 users, load average: 0.95, 0.98, 0.92
[root@ppdoldap01 etc]# more nscd.conf
#
# /etc/nscd.conf
#
# An example Name Service Cache config file. This file is needed by nscd.
#
# Legal entries are:
#
# logfile <file>
# debug-level <level>
# threads <initial #threads to use>
# max-threads <maximum #threads to use>
# server-user <user to run server as instead of root>
# server-user is ignored if nscd is started with -S parameter= s
# stat-user <user who is allowed to request statistics>
# reload-count unlimited|<number>
# paranoia <yes|no>
# restart-interval <time in seconds>
#
# enable-cache <service> <yes|no>
# positive-time-to-live <service> <time in seconds>
# negative-time-to-live <service> <time in seconds>
# suggested-size <service> <prime number>
# check-files <service> <yes|no>
# persistent <service> <yes|no>
# shared <service> <yes|no>
# max-db-size <service> <number bytes>
# auto-propagate <service> <yes|no>
#
# Currently supported cache names (services): passwd, group, hosts
#
# logfile /var/log/nscd.log
# threads 6
# max-threads 128
server-user nscd
# stat-user nocpulse
debug-level 0
# reload-count 5
paranoia no
# restart-interval 3600
enable-cache passwd yes
positive-time-to-live passwd 600
negative-time-to-live passwd 20
suggested-size passwd 211
check-files passwd yes
persistent passwd yes
shared passwd yes
max-db-size passwd 33554432
auto-propagate passwd yes
enable-cache group yes
positive-time-to-live group 3600
negative-time-to-live group 60
suggested-size group 211
check-files group yes
persistent group yes
shared group yes
max-db-size group 33554432
auto-propagate group yes
enable-cache hosts yes
positive-time-to-live hosts 3600
negative-time-to-live hosts 20
suggested-size hosts 211
check-files hosts yes
persistent hosts yes
shared hosts yes
max-db-size hosts 33554432
[etc]# cat libuser.conf
# This is a first-generation configuration file. Eventually I'll rewrite
# all of the configuration-reading code to use alchemist, but for now this
# will have to do.
# Do not modify the default module list if you care about unattended calls
# to programs (i.e., scripts) working!
[defaults]
# The default (/usr/lib*/libuser) is usually correct
# moduledir =3D /your/custom/directory
skeleton =3D /etc/skel
mailspooldir =3D /var/mail
modules =3D files shadow
create_modules =3D files shadow
crypt_style =3D md5
# modules =3D files shadow ldap krb5
# create_modules =3D ldap krb5
[userdefaults]
LU_USERNAME =3D %n
LU_UIDNUMBER =3D 500
LU_GIDNUMBER =3D %u
# LU_USERPASSWORD =3D !!
# LU_GECOS =3D %n
# LU_HOMEDIRECTORY =3D /home/%n
# LU_LOGINSHELL =3D /bin/bash
# LU_SHADOWNAME =3D %n
# LU_SHADOWPASSWORD =3D !!
# LU_SHADOWLASTCHANGE =3D %d
# LU_SHADOWMIN =3D 0
# LU_SHADOWMAX =3D 99999
# LU_SHADOWWARNING =3D 7
# LU_SHADOWINACTIVE =3D -1
# LU_SHADOWEXPIRE =3D -1
# LU_SHADOWFLAG =3D -1
[groupdefaults]
LU_GROUPNAME =3D %n
LU_GIDNUMBER =3D 500
# LU_GROUPPASSWORD =3D !!
# LU_MEMBERUID =3D
# LU_ADMINISTRATORUID =3D
[files]
# This is useful for the case where some master files are used to
# populate a different NSS mechanism which this workstation uses.
# directory =3D /etc
[shadow]
# This is useful for the case where some master files are used to
# populate a different NSS mechanism which this workstation uses.
# directory =3D /etc
[ldap]
# Setting these is always necessary.
# server =3D ldap
# basedn =3D dc=3Dexample,dc=3Dcom
# Setting these is rarely necessary, since it's usually correct.
# userBranch =3D ou=3DPeople
# groupBranch =3D ou=3DGroup
# Set only if your administrative user uses simple bind operations to
# connect to the server.
# binddn =3D cn=3DManager,dc=3Dexample,dc=3Dcom
# Set this only if the default user (as determined by SASL) is incorrect
# for SASL bind operations. Usually, it's correct, so you'll rarely need
# to set these.
# user =3D Manager
# authuser =3D Manager
[krb5]
# Set this only if it differs from the default in /etc/krb5.conf.
# realm =3D EXAMPLE.COM
# Set this only if the default (currentuser/admin) will be incorrect.
# principal =3D example/admin@EXAMPLE.COM
[sasl]
# Set these only if your sasldb is only used by a particular application, a= nd
# in a particular domain. The default (all applications, all domains) is
# probably correct for most installations.
# appname =3D imap
# domain =3D EXAMPLE.COM
-----Original Message----- From: masarati@aero.polimi.it [mailto:masarati@aero.polimi.it] Sent: Friday, April 13, 2012 11:22 PM To: VEERASWAMY PALANIAPPAN, NATARRAJAN(VPN) Cc: openldap-its@openldap.org Subject: Re: (ITS#7243) sudo: uid 14281 does not exist in the passwd file!
Full_Name: Natarrajan
Version: 2.2.13-7.4E
OS: RHEL4.5
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (216.113.168.128)
I am getting the following error frequently in my ldap client machine.
LDAPCLIENT ~> whoami
whoami: cannot find name for user ID 14281 LDAPCLIENT ~> sudo -u qserv
ls
sudo: uid 14281 does not exist in the passwd file!
Let me know the fix for the issue.
Upgrade (2.2.13 is about 10 years old now; 2.4.30 is the current release).
Then, fix the configuration of your nss?
p.
--_000_4B4F50906B76C1459E6ABD9205FB8DE6A56580RHVEXRDAS51corpeb_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr= osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:= //www.w3.org/TR/REC-html40"> <head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
<meta name=3D"Generator" content=3D"Microsoft Word 14 (filtered medium)"> <style><!-- /* Font Definitions */ @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri","sans-serif";} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple; text-decoration:underline;} p.MsoPlainText, li.MsoPlainText, div.MsoPlainText {mso-style-priority:99; mso-style-link:"Plain Text Char"; margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri","sans-serif";} span.PlainTextChar {mso-style-name:"Plain Text Char"; mso-style-priority:99; mso-style-link:"Plain Text"; font-family:"Calibri","sans-serif";} .MsoChpDefault {mso-style-type:export-only; font-family:"Calibri","sans-serif";} @page WordSection1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.WordSection1 {page:WordSection1;} --></style><!--[if gte mso 9]><xml> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" /> </xml><![endif]--><!--[if gte mso 9]><xml> <o:shapelayout v:ext=3D"edit"> <o:idmap v:ext=3D"edit" data=3D"1" /> </o:shapelayout></xml><![endif]--> </head> <body lang=3D"EN-US" link=3D"blue" vlink=3D"purple"> <div class=3D"WordSection1"> <p class=3D"MsoPlainText">Thanks a lot for the information. I have the foll= owing configurations, could you check and help me to fix the NSS config.<o:= p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"><b># /etc/nsswitch.conf<o:p></o:p></b></p> <p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"># An example Name Service Switch config file. Thi= s file should be<o:p></o:p></p> <p class=3D"MsoPlainText"># sorted with the most-used services at the begin= ning.<o:p></o:p></p> <p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"># The entry '[NOTFOUND=3Dreturn]' means that the = search for an<o:p></o:p></p> <p class=3D"MsoPlainText"># entry should stop if the search in the previous= entry turned<o:p></o:p></p> <p class=3D"MsoPlainText"># up nothing. Note that if the search failed due = to some other reason<o:p></o:p></p> <p class=3D"MsoPlainText"># (like no NIS server responding) then the search= continues with the<o:p></o:p></p> <p class=3D"MsoPlainText"># next entry.<o:p></o:p></p> <p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"># Legal entries are:<o:p></o:p></p> <p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"># nis or yp&n= bsp;  = ; Use NIS (NIS version 2), also called YP<o:p></o:p></p> <p class=3D"MsoPlainText"># dns &= nbsp; &nbs= p; Use DNS (Domain Name Service)<o:p></o= :p></p> <p class=3D"MsoPlainText"># files = &nb= sp; Use the local files<o:p></o:p></p> <p class=3D"MsoPlainText"># db &nb= sp; = Use the local database (.db) fil= es<o:p></o:p></p> <p class=3D"MsoPlainText"># compat = ; &n= bsp; Use NIS on compat mode<o:p></o:p></p> <p class=3D"MsoPlainText"># hesiod = ; &n= bsp; Use Hesiod for user lookups<o:p></o:p></p> <p class=3D"MsoPlainText"># ldap &= nbsp; &nbs= p; Use LDAP (only if nss_ldap is installed)<o= :p></o:p></p> <p class=3D"MsoPlainText"># nisplus or = nis+ Use NIS+ (NIS = version 3), unsupported<o:p></o:p></p> <p class=3D"MsoPlainText"># [NOTFOUND= =3Dreturn] Stop searching if not found = so far<o:p></o:p></p> <p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"># To use db, put the "db" in front of &= quot;files" for entries you want to be<o:p></o:p></p> <p class=3D"MsoPlainText"># looked up first in the databases<o:p></o:p></p> <p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"># Example:<o:p></o:p></p> <p class=3D"MsoPlainText">#passwd: db files ldap nis<o:p>= </o:p></p> <p class=3D"MsoPlainText">#shadow: db files ldap nis<o:p>= </o:p></p> <p class=3D"MsoPlainText">#group: db files ldap nis= <o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">passwd: files<o:p></o:p><= /p> <p class=3D"MsoPlainText">shadow: files<o:p></o:p><= /p> <p class=3D"MsoPlainText">group: files<o:p></= o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">#hosts: db files ldap nis= dns<o:p></o:p></p> <p class=3D"MsoPlainText">hosts: files dns<o:= p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"># Example - obey only what ldap tells us...<o:p><= /o:p></p> <p class=3D"MsoPlainText">#services: ldap [NOTFOUND=3Dreturn] files<o= :p></o:p></p> <p class=3D"MsoPlainText">#networks: ldap [NOTFOUND=3Dreturn] files<o= :p></o:p></p> <p class=3D"MsoPlainText">#protocols: ldap [NOTFOUND=3Dreturn] files<o:p></= o:p></p> <p class=3D"MsoPlainText">#rpc: ldap [N= OTFOUND=3Dreturn] files<o:p></o:p></p> <p class=3D"MsoPlainText">#ethers: ldap [NOTFOUND=3Dretur= n] files<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">bootparams: files<o:p></o:p></p> <p class=3D"MsoPlainText">ethers: files<o:p></o:p><= /p> <p class=3D"MsoPlainText">netmasks: files<o:p></o:p></p> <p class=3D"MsoPlainText">networks: files<o:p></o:p></p> <p class=3D"MsoPlainText">protocols: files<o:p></o:p></p> <p class=3D"MsoPlainText">rpc: fi= les<o:p></o:p></p> <p class=3D"MsoPlainText">services: files<o:p></o:p></p> <p class=3D"MsoPlainText">netgroup: files<o:p></o:p></p> <p class=3D"MsoPlainText">publickey: files<o:p></o:p></p> <p class=3D"MsoPlainText">automount: files<o:p></o:p></p> <p class=3D"MsoPlainText">aliases: files<o:p></o:p></p> <p class=3D"MsoPlainText">[root@ppdoldap01 etc]# uptime<o:p></o:p></p> <p class=3D"MsoPlainText">18:02:10 up 230 days, 10:53, 2 users, = load average: 0.95, 0.98, 0.92<o:p></o:p></p> <p class=3D"MsoPlainText">[root@ppdoldap01 etc]# more nscd.conf<o:p></o:p><= /p> <p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"># /etc/nscd.conf<o:p></o:p></p> <p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"># An example Name Service Cache config file. = ; This file is needed by nscd.<o:p></o:p></p> <p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"># Legal entries are:<o:p></o:p></p> <p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"># logfile&nbs= p; &= nbsp; <file><o:p></o:p></p> <p class=3D"MsoPlainText"># debug-level= &l= t;level><o:p></o:p></p> <p class=3D"MsoPlainText"># threads&nbs= p; &= nbsp; <initial #threads to use><o:p></o:p></p> <p class=3D"MsoPlainText"># max-threads= &l= t;maximum #threads to use><o:p></o:p></p> <p class=3D"MsoPlainText"># server-user= &l= t;user to run server as instead of root><o:p></o:p></p> <p class=3D"MsoPlainText"># = server-user is ignored if nscd is star= ted with -S parameters<o:p></o:p></p> <p class=3D"MsoPlainText"># stat-user&n= bsp;  = ; <user who is allowed to request statistics><o:p></o:p></p> <p class=3D"MsoPlainText"># reload-coun= t unlimit= ed|<number><o:p></o:p></p> <p class=3D"MsoPlainText"># paranoia&nb= sp;  = ; <yes|no><o:p></o:p></p> <p class=3D"MsoPlainText"># restart-int= erval <time in seconds><o:p=
</o:p></p>
<p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"># enable-cach= e <ser= vice> <yes|no><o:p></o:p></p> <p class=3D"MsoPlainText"># positive-ti= me-to-live <service> <time in seconds><o:p></o:p></= p> <p class=3D"MsoPlainText"># negative-ti= me-to-live <service> <time in seconds><o:p></o:p></= p> <p class=3D"MsoPlainText"># suggested-s= ize <service> &= lt;prime number><o:p></o:p></p> <p class=3D"MsoPlainText"># check-files= &l= t;service> <yes|no><o:p></o:p></p> <p class=3D"MsoPlainText"># persistent&= nbsp; &nbs= p; <service> <yes|no><o:p></o:p></p> <p class=3D"MsoPlainText"># shared = ; &n= bsp; <service> <yes|no><o:p></o:p></p> <p class=3D"MsoPlainText"># max-db-size= &l= t;service> <number bytes><o:p></o:p></p> <p class=3D"MsoPlainText"># auto-propag= ate <service> &= lt;yes|no><o:p></o:p></p> <p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"># Currently supported cache names (services): pas= swd, group, hosts<o:p></o:p></p> <p class=3D"MsoPlainText">#<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"># logfile&nbs= p; &= nbsp; /var/log/nscd.log<o:p></o:p></p> <p class=3D"MsoPlainText"># threads&nbs= p; &= nbsp; 6<o:p></o:p></p> <p class=3D"MsoPlainText"># max-threads= 12= 8<o:p></o:p></p> <p class=3D"MsoPlainText"> server-= user  = ; nscd<o:p></o:p></p> <p class=3D"MsoPlainText"># stat-user&n= bsp;  = ; nocpulse<o:p></o:p></p> <p class=3D"MsoPlainText"> debug-= level &nbs= p; 0<o:p></o:p></p> <p class=3D"MsoPlainText"># reload-coun= t 5<o:p><= /o:p></p> <p class=3D"MsoPlainText"> parano= ia &= nbsp; no<o:p></o:p></p> <p class=3D"MsoPlainText"># restart-int= erval 3600<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"> enable= -cache pa= sswd yes<o:p></o:p></= p> <p class=3D"MsoPlainText"> positi= ve-time-to-live passwd  = ; 600<o:p></o:p></p> <p class=3D"MsoPlainText"> negati= ve-time-to-live passwd  = ; 20<o:p></o:p></p> <p class=3D"MsoPlainText"> sugges= ted-size passwd = 211<o:p></o:p></p> <p class=3D"MsoPlainText"> check-= files &nbs= p; passwd yes<o:p></o= :p></p> <p class=3D"MsoPlainText"> persis= tent  = ; passwd yes<o:= p></o:p></p> <p class=3D"MsoPlainText"> shared= &nb= sp; passwd  = ; yes<o:p></o:p></p> <p class=3D"MsoPlainText"> max-db= -size &nbs= p; passwd 33554432<o:= p></o:p></p> <p class=3D"MsoPlainText"> auto-p= ropagate passwd = yes<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"> enable= -cache gr= oup yes<o:p></o= :p></p> <p class=3D"MsoPlainText"> positi= ve-time-to-live group = 3600<o:p></o:p></p> <p class=3D"MsoPlainText"> negati= ve-time-to-live group = 60<o:p></o:p></p> <p class=3D"MsoPlainText"> sugges= ted-size group &= nbsp; 211<o:p></o:p></p> <p class=3D"MsoPlainText"> check-= files &nbs= p; group yes<o:= p></o:p></p> <p class=3D"MsoPlainText"> persis= tent  = ; group y= es<o:p></o:p></p> <p class=3D"MsoPlainText"> shared= &nb= sp; group = yes<o:p></o:p></p> <p class=3D"MsoPlainText"> max-db= -size &nbs= p; group 335544= 32<o:p></o:p></p> <p class=3D"MsoPlainText"> auto-p= ropagate group &= nbsp; yes<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"> enable= -cache ho= sts yes<o:p></o= :p></p> <p class=3D"MsoPlainText"> positi= ve-time-to-live hosts  = ; 3600<o:p></o:p></p> <p class=3D"MsoPlainText"> negati= ve-time-to-live hosts = 20<o:p></o:p></p> <p class=3D"MsoPlainText"> sugges= ted-size hosts &= nbsp; 211<o:p></o:p></p> <p class=3D"MsoPlainText"> check-= files &nbs= p; hosts yes<o:= p></o:p></p> <p class=3D"MsoPlainText"> persis= tent  = ; hosts y= es<o:p></o:p></p> <p class=3D"MsoPlainText"> shared= &nb= sp; hosts = yes<o:p></o:p></p> <p class=3D"MsoPlainText"> max-db= -size &nbs= p; hosts 335544= 32<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">[etc]# cat libuser.conf<o:p></o:p></p> <p class=3D"MsoPlainText"># This is a first-generation configuration file.&= nbsp; Eventually I'll rewrite<o:p></o:p></p> <p class=3D"MsoPlainText"># all of the configuration-reading code to use al= chemist, but for now this<o:p></o:p></p> <p class=3D"MsoPlainText"># will have to do.<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"># Do not modify the default module list if you ca= re about unattended calls<o:p></o:p></p> <p class=3D"MsoPlainText"># to programs (i.e., scripts) working!<o:p></o:p>= </p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">[defaults]<o:p></o:p></p> <p class=3D"MsoPlainText"># The default (/usr/lib*/libuser) is usually corr= ect<o:p></o:p></p> <p class=3D"MsoPlainText"># moduledir =3D /your/custom/directory<o:p></o:p>= </p> <p class=3D"MsoPlainText">skeleton =3D /etc/skel<o:p></o:p></p> <p class=3D"MsoPlainText">mailspooldir =3D /var/mail<o:p></o:p></p> <p class=3D"MsoPlainText">modules =3D files shadow<o:p></o:p></p> <p class=3D"MsoPlainText">create_modules =3D files shadow<o:p></o:p></p> <p class=3D"MsoPlainText">crypt_style =3D md5<o:p></o:p></p> <p class=3D"MsoPlainText"># modules =3D files shadow ldap krb5<o:p></o:p></= p> <p class=3D"MsoPlainText"># create_modules =3D ldap krb5<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">[userdefaults]<o:p></o:p></p> <p class=3D"MsoPlainText">LU_USERNAME =3D %n<o:p></o:p></p> <p class=3D"MsoPlainText">LU_UIDNUMBER =3D 500<o:p></o:p></p> <p class=3D"MsoPlainText">LU_GIDNUMBER =3D %u<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_USERPASSWORD =3D !!<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_GECOS =3D %n<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_HOMEDIRECTORY =3D /home/%n<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_LOGINSHELL =3D /bin/bash<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"># LU_SHADOWNAME =3D %n<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_SHADOWPASSWORD =3D !!<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_SHADOWLASTCHANGE =3D %d<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_SHADOWMIN =3D 0<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_SHADOWMAX =3D 99999<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_SHADOWWARNING =3D 7<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_SHADOWINACTIVE =3D -1<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_SHADOWEXPIRE =3D -1<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_SHADOWFLAG =3D -1<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">[groupdefaults]<o:p></o:p></p> <p class=3D"MsoPlainText">LU_GROUPNAME =3D %n<o:p></o:p></p> <p class=3D"MsoPlainText">LU_GIDNUMBER =3D 500<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_GROUPPASSWORD =3D !!<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_MEMBERUID =3D<o:p></o:p></p> <p class=3D"MsoPlainText"># LU_ADMINISTRATORUID =3D<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">[files]<o:p></o:p></p> <p class=3D"MsoPlainText"># This is useful for the case where some master f= iles are used to<o:p></o:p></p> <p class=3D"MsoPlainText"># populate a different NSS mechanism which this w= orkstation uses.<o:p></o:p></p> <p class=3D"MsoPlainText"># directory =3D /etc<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">[shadow]<o:p></o:p></p> <p class=3D"MsoPlainText"># This is useful for the case where some master f= iles are used to<o:p></o:p></p> <p class=3D"MsoPlainText"># populate a different NSS mechanism which this w= orkstation uses.<o:p></o:p></p> <p class=3D"MsoPlainText"># directory =3D /etc<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">[ldap]<o:p></o:p></p> <p class=3D"MsoPlainText"># Setting these is always necessary.<o:p></o:p></= p> <p class=3D"MsoPlainText"># server =3D ldap<o:p></o:p></p> <p class=3D"MsoPlainText"># basedn =3D dc=3Dexample,dc=3Dcom<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"># Setting these is rarely necessary, since it's u= sually correct.<o:p></o:p></p> <p class=3D"MsoPlainText"># userBranch =3D ou=3DPeople<o:p></o:p></p> <p class=3D"MsoPlainText"># groupBranch =3D ou=3DGroup<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"># Set only if your administrative user uses simpl= e bind operations to<o:p></o:p></p> <p class=3D"MsoPlainText"># connect to the server.<o:p></o:p></p> <p class=3D"MsoPlainText"># binddn =3D cn=3DManager,dc=3Dexample,dc=3Dcom<o= :p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText"># Set this only if the default user (as determine= d by SASL) is incorrect<o:p></o:p></p> <p class=3D"MsoPlainText"># for SASL bind operations. Usually, it's c= orrect, so you'll rarely need<o:p></o:p></p> <p class=3D"MsoPlainText"># to set these.<o:p></o:p></p> <p class=3D"MsoPlainText"># user =3D Manager<o:p></o:p></p> <p class=3D"MsoPlainText"># authuser =3D Manager<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">[krb5]<o:p></o:p></p> <p class=3D"MsoPlainText"># Set this only if it differs from the default in= /etc/krb5.conf.<o:p></o:p></p> <p class=3D"MsoPlainText"># realm =3D EXAMPLE.COM<o:p></o:p></p> <p class=3D"MsoPlainText"># Set this only if the default (currentuser/admin= ) will be incorrect.<o:p></o:p></p> <p class=3D"MsoPlainText"># principal =3D example/admin@EXAMPLE.COM<o:p></o= :p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">[sasl]<o:p></o:p></p> <p class=3D"MsoPlainText"># Set these only if your sasldb is only used by a= particular application, and<o:p></o:p></p> <p class=3D"MsoPlainText"># in a particular domain. The default (all = applications, all domains) is<o:p></o:p></p> <p class=3D"MsoPlainText"># probably correct for most installations.<o:p></= o:p></p> <p class=3D"MsoPlainText"># appname =3D imap<o:p></o:p></p> <p class=3D"MsoPlainText"># domain =3D EXAMPLE.COM<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">-----Original Message-----<br> From: masarati@aero.polimi.it [mailto:masarati@aero.polimi.it] <br> Sent: Friday, April 13, 2012 11:22 PM<br> To: VEERASWAMY PALANIAPPAN, NATARRAJAN(VPN)<br> Cc: openldap-its@openldap.org<br> Subject: Re: (ITS#7243) sudo: uid 14281 does not exist in the passwd file!<= /p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">> Full_Name: Natarrajan<o:p></o:p></p> <p class=3D"MsoPlainText">> Version: 2.2.13-7.4E<o:p></o:p></p> <p class=3D"MsoPlainText">> OS: RHEL4.5<o:p></o:p></p> <p class=3D"MsoPlainText">> URL: <a href=3D"ftp://ftp.openldap.org/incom= ing/"><span style=3D"color:windowtext;text-decoration:none">ftp://ftp.openl= dap.org/incoming/</span></a><o:p></o:p></p> <p class=3D"MsoPlainText">> Submission from: (NULL) (216.113.168.128)<o:= p></o:p></p> <p class=3D"MsoPlainText">><o:p> </o:p></p> <p class=3D"MsoPlainText">><o:p> </o:p></p> <p class=3D"MsoPlainText">> I am getting the following error frequently = in my ldap client machine.<o:p></o:p></p> <p class=3D"MsoPlainText">><o:p> </o:p></p> <p class=3D"MsoPlainText">> LDAPCLIENT ~> whoami<o:p></o:p></p> <p class=3D"MsoPlainText">> whoami: cannot find name for user ID 14281 L= DAPCLIENT ~> sudo -u qserv <o:p></o:p></p> <p class=3D"MsoPlainText">> ls<o:p></o:p></p> <p class=3D"MsoPlainText">> sudo: uid 14281 does not exist in the passwd= file!<o:p></o:p></p> <p class=3D"MsoPlainText">><o:p> </o:p></p> <p class=3D"MsoPlainText">> Let me know the fix for the issue.<o:p></o:p=
</p>
<p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">Upgrade (2.2.13 is about 10 years old now; 2.4.30= is the current release).<o:p></o:p></p> <p class=3D"MsoPlainText">Then, fix the configuration of your nss?<o:p></o:= p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> <p class=3D"MsoPlainText">p.<o:p></o:p></p> <p class=3D"MsoPlainText"><o:p> </o:p></p> </div> </body> </html>
--_000_4B4F50906B76C1459E6ABD9205FB8DE6A56580RHVEXRDAS51corpeb_--