nss_ldap - was: SAMBA 3.0.2 PDC + (open)ldap backend
Miroslav Vancl
miroslav.vancl na qris.cz
Středa Únor 25 22:04:39 CET 2004
Michal Žejdl wrote:
> No podle mého názoru nss_ldap číst heslo nechce, používá normálně
> bind daného uživatele na ověřování/změnu hesla a anonymní přístup pro
> hledání uid, gid...
> Možná vám pomůže read pro všechny a na všechno krom hesel.
> Když zavoláte na pomoc kamarády slapd -d 256 nebo ethereal, tak
> určitě brzy zjistíte, co té sambě schází.
> --
> Michal Žejdl
Není tomu tak, seznam atributů čtených při getpwnap() je dost bohatý.
Tohle je obsah logu slapd (loglevel=4) při getpwnam("p01861").
Nejdřív volání s id=0:
===
Feb 25 21:37:03 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:03 sambaii slapd[16307]: ==> ldbm_back_bind: dn:
cn=manager,dc=setuza,dc=cz
Feb 25 21:37:03 sambaii slapd[16307]: send_ldap_result: err=0 matched=""
text=""
Feb 25 21:37:03 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:03 sambaii slapd[16311]: SRCH "dc=setuza,dc=cz" 2 0
Feb 25 21:37:03 sambaii slapd[16311]: 1 0 0
Feb 25 21:37:03 sambaii slapd[16311]: filter:
(&(objectClass=posixAccount)(uid=p01861))
Feb 25 21:37:03 sambaii slapd[16311]: attrs:
Feb 25 21:37:03 sambaii slapd[16311]: uid
Feb 25 21:37:03 sambaii slapd[16311]: userPassword
Feb 25 21:37:03 sambaii slapd[16311]: uidNumber
Feb 25 21:37:03 sambaii slapd[16311]: gidNumber
Feb 25 21:37:03 sambaii slapd[16311]: cn
Feb 25 21:37:03 sambaii slapd[16311]: homeDirectory
Feb 25 21:37:03 sambaii slapd[16311]: loginShell
Feb 25 21:37:03 sambaii slapd[16311]: gecos
Feb 25 21:37:03 sambaii slapd[16311]: description
Feb 25 21:37:03 sambaii slapd[16311]: objectClass
Feb 25 21:37:03 sambaii slapd[16311]:
Feb 25 21:37:03 sambaii slapd[16311]: send_ldap_result: err=0 matched=""
text=""
Feb 25 21:37:03 sambaii slapd[16303]: connection_get(9)
===
A teď při volání s uid=99 (nobody) - getpwnam("p01861") vrátil NULL:
===
Feb 25 21:37:46 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:46 sambaii slapd[16307]: ==> ldbm_back_bind: dn:
cn=manager,dc=setuza,dc=cz
Feb 25 21:37:46 sambaii slapd[16307]: send_ldap_result: err=0 matched=""
text=""
Feb 25 21:37:46 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:46 sambaii slapd[16311]: SRCH "ou=Groups,dc=setuza,dc=cz" 1 0
Feb 25 21:37:46 sambaii slapd[16311]: 0 0 0
Feb 25 21:37:46 sambaii slapd[16311]: filter:
(&(objectClass=posixGroup)(memberUid=nobody))
Feb 25 21:37:46 sambaii slapd[16311]: attrs:
Feb 25 21:37:46 sambaii slapd[16311]: cn
Feb 25 21:37:46 sambaii slapd[16311]: userPassword
Feb 25 21:37:46 sambaii slapd[16311]: memberUid
Feb 25 21:37:46 sambaii slapd[16311]: gidNumber
Feb 25 21:37:46 sambaii slapd[16311]:
Feb 25 21:37:46 sambaii slapd[16311]: send_ldap_result: err=0 matched=""
text=""
Feb 25 21:37:46 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:46 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:46 sambaii slapd[16307]: send_ldap_result: err=0 matched=""
text=""
Feb 25 21:37:46 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:46 sambaii slapd[16311]: SRCH "dc=setuza,dc=cz" 2 0
Feb 25 21:37:46 sambaii slapd[16311]: 1 0 0
Feb 25 21:37:46 sambaii slapd[16311]: filter:
(&(objectClass=posixAccount)(uid=p01861))
Feb 25 21:37:46 sambaii slapd[16311]: attrs:
Feb 25 21:37:46 sambaii slapd[16311]: uid
Feb 25 21:37:46 sambaii slapd[16311]: userPassword
Feb 25 21:37:46 sambaii slapd[16311]: uidNumber
Feb 25 21:37:46 sambaii slapd[16311]: gidNumber
Feb 25 21:37:46 sambaii slapd[16311]: cn
Feb 25 21:37:46 sambaii slapd[16311]: homeDirectory
Feb 25 21:37:46 sambaii slapd[16311]: loginShell
Feb 25 21:37:46 sambaii slapd[16311]: gecos
Feb 25 21:37:46 sambaii slapd[16311]: description
Feb 25 21:37:46 sambaii slapd[16311]: objectClass
Feb 25 21:37:46 sambaii slapd[16311]:
Feb 25 21:37:46 sambaii slapd[16311]: send_ldap_result: err=0 matched=""
text=""
Feb 25 21:37:46 sambaii slapd[16303]: connection_get(9)
===
M. Vancl
Další informace o konferenci Linux