I know C6 client -> C5 ldap server works. I have a couple of systems that do it. I have one crazy system that just went into production that does not properly authenticate. Here is the scenario: 1. "getent passwd" will show *all* users *and* passwords. 2. "getent passwd USERNAME" will show all user info and *NOT* the password(the field is a "*").

Has anyone come across this behavior? There must be some option I messed up and did not realize it. I have checked for differences from a working system in nsswitch.conf, authconfig, sssd.conf, pam_ldap.conf, nslcd.conf and ldap.conf with no luck. I have looked at "rpm -V openldap" and "rpm -V openldap-clients" with no luck. This is making me crazy! It has to be something simple.

Additionally, I have "nscd -i passwd" and tried to stop/start both the nslcd and nscd daemons. Google has not been of very much help with the pattern of search I've tried so far, either...

Thanks for any help

pj