nss_ldap - was: SAMBA 3.0.2 PDC + (open)ldap backend

Miroslav Vancl miroslav.vancl na qris.cz
Středa Únor 25 22:04:39 CET 2004


Michal Žejdl wrote:

>     No podle mého názoru nss_ldap číst heslo nechce, používá normálně
> bind daného uživatele na ověřování/změnu hesla a anonymní přístup pro
> hledání uid, gid...
>     Možná vám pomůže read pro všechny a na všechno krom hesel.
>     Když zavoláte na pomoc kamarády slapd -d 256 nebo ethereal, tak
> určitě brzy zjistíte, co té sambě schází.
> --
> Michal Žejdl

Není tomu tak, seznam atributů čtených při getpwnap() je dost bohatý.
Tohle je obsah logu slapd (loglevel=4) při getpwnam("p01861").
Nejdřív volání s id=0:
===
Feb 25 21:37:03 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:03 sambaii slapd[16307]: ==> ldbm_back_bind: dn:
cn=manager,dc=setuza,dc=cz
Feb 25 21:37:03 sambaii slapd[16307]: send_ldap_result: err=0 matched=""
text=""
Feb 25 21:37:03 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:03 sambaii slapd[16311]: SRCH "dc=setuza,dc=cz" 2 0
Feb 25 21:37:03 sambaii slapd[16311]:     1 0 0
Feb 25 21:37:03 sambaii slapd[16311]:     filter:
(&(objectClass=posixAccount)(uid=p01861))
Feb 25 21:37:03 sambaii slapd[16311]:     attrs:
Feb 25 21:37:03 sambaii slapd[16311]:  uid
Feb 25 21:37:03 sambaii slapd[16311]:  userPassword
Feb 25 21:37:03 sambaii slapd[16311]:  uidNumber
Feb 25 21:37:03 sambaii slapd[16311]:  gidNumber
Feb 25 21:37:03 sambaii slapd[16311]:  cn
Feb 25 21:37:03 sambaii slapd[16311]:  homeDirectory
Feb 25 21:37:03 sambaii slapd[16311]:  loginShell
Feb 25 21:37:03 sambaii slapd[16311]:  gecos
Feb 25 21:37:03 sambaii slapd[16311]:  description
Feb 25 21:37:03 sambaii slapd[16311]:  objectClass
Feb 25 21:37:03 sambaii slapd[16311]:
Feb 25 21:37:03 sambaii slapd[16311]: send_ldap_result: err=0 matched=""
text=""
Feb 25 21:37:03 sambaii slapd[16303]: connection_get(9)

===
A teď při volání s uid=99 (nobody) - getpwnam("p01861") vrátil NULL:
===
Feb 25 21:37:46 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:46 sambaii slapd[16307]: ==> ldbm_back_bind: dn:
cn=manager,dc=setuza,dc=cz
Feb 25 21:37:46 sambaii slapd[16307]: send_ldap_result: err=0 matched=""
text=""
Feb 25 21:37:46 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:46 sambaii slapd[16311]: SRCH "ou=Groups,dc=setuza,dc=cz" 1 0
Feb 25 21:37:46 sambaii slapd[16311]:     0 0 0
Feb 25 21:37:46 sambaii slapd[16311]:     filter:
(&(objectClass=posixGroup)(memberUid=nobody))
Feb 25 21:37:46 sambaii slapd[16311]:     attrs:
Feb 25 21:37:46 sambaii slapd[16311]:  cn
Feb 25 21:37:46 sambaii slapd[16311]:  userPassword
Feb 25 21:37:46 sambaii slapd[16311]:  memberUid
Feb 25 21:37:46 sambaii slapd[16311]:  gidNumber
Feb 25 21:37:46 sambaii slapd[16311]:
Feb 25 21:37:46 sambaii slapd[16311]: send_ldap_result: err=0 matched=""
text=""
Feb 25 21:37:46 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:46 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:46 sambaii slapd[16307]: send_ldap_result: err=0 matched=""
text=""
Feb 25 21:37:46 sambaii slapd[16303]: connection_get(9)
Feb 25 21:37:46 sambaii slapd[16311]: SRCH "dc=setuza,dc=cz" 2 0
Feb 25 21:37:46 sambaii slapd[16311]:     1 0 0
Feb 25 21:37:46 sambaii slapd[16311]:     filter:
(&(objectClass=posixAccount)(uid=p01861))
Feb 25 21:37:46 sambaii slapd[16311]:     attrs:
Feb 25 21:37:46 sambaii slapd[16311]:  uid
Feb 25 21:37:46 sambaii slapd[16311]:  userPassword
Feb 25 21:37:46 sambaii slapd[16311]:  uidNumber
Feb 25 21:37:46 sambaii slapd[16311]:  gidNumber
Feb 25 21:37:46 sambaii slapd[16311]:  cn
Feb 25 21:37:46 sambaii slapd[16311]:  homeDirectory
Feb 25 21:37:46 sambaii slapd[16311]:  loginShell
Feb 25 21:37:46 sambaii slapd[16311]:  gecos
Feb 25 21:37:46 sambaii slapd[16311]:  description
Feb 25 21:37:46 sambaii slapd[16311]:  objectClass
Feb 25 21:37:46 sambaii slapd[16311]:
Feb 25 21:37:46 sambaii slapd[16311]: send_ldap_result: err=0 matched=""
text=""
Feb 25 21:37:46 sambaii slapd[16303]: connection_get(9)
===
M. Vancl



Další informace o konferenci Linux