|
ru.linux
- RU.LINUX ---------------------------------------------------------------------
From : Anton Gorlov 2:5059/37 21 Mar 2005 21:56:20
To : All
Subject : nss_ldap
--------------------------------------------------------------------------------
Какая-то непонятная проблема с nss_ldap или его окружении. Под рутом делаю
id vasya -всё наместе. Делаю тоже самое под простым пользователем id vasya -мне
говорят, что нет такого пользователя. Hо тем не менее этот пользователь (vasya)
может спокойно входить в систему. если сделать su -vasya то мне говорят,что не
могут определить имя для его gid'a (кажется так).
Система -Alt linux Master 2.4 +апдейты не первой свежести. У человека из
расслыки ldap (AT) lists.osdn.org.ua мои конфиги взлетели на сизифе.
Вот вырезка /etc/ldap.conf:
==== заливка "Windows Clipboard" ====
host 127.0.0.1
# базовая "ветка"
base dc=samba
uri ldap://127.0.0.1/
ldap_version 3
bindpw 123456
rootbinddn cn=adminr,dc=samba
port 389
scope one
pam_filter objectclass=posixAccount
pam_login_attribute uid
pam_member_attribute gid
pam_password crypt
nss_base_passwd ou=Users,dc=samba?one
nss_base_shadow ou=Users,dc=samba?one
nss_base_group ou=Groups,dc=samba?one
pam_password md5
==== конец "Windows Clipboard" ====
Hа всякий пожарный /etc/pam.d/system-auth
==== заливка "Windows Clipboard" ====
#%PAM-1.0
auth sufficient /lib/security/pam_tcb.so shadow fork prefix=$2a$ count=8
nullok
auth required /lib/security/pam_ldap.so use_first_pass
account sufficient /lib/security/pam_tcb.so shadow fork
account required /lib/security/pam_ldap.so
password required /lib/security/pam_passwdqc.so min=disabled,24,12,8,7 max=40
passphrase=3 match=4 similar=deny random=42 enforce=users retry=3
password sufficient /lib/security/pam_ldap.so use_authok
password required /lib/security/pam_tcb.so use_authtok shadow fork prefix=$2a$
count=8 write_to=tcb
session required /lib/security/pam_limits.so
session sufficient /lib/security/pam_ldap.so
session required /lib/security/pam_tcb.so nolog
==== конец "Windows Clipboard" ====
/etc/pam.d/system-auth-use_first_pass
==== заливка "Windows Clipboard" ====
#%PAM-1.0
auth sufficient /lib/security/pam_tcb.so shadow fork prefix=$2a$ count=8 nullok
use_first_pass
auth required /lib/security/pam_ldap.so use_first_pass
password sufficient /lib/security/pam_ldap.so use_authok
password required /lib/security/pam_tcb.so use_authtok shadow fork prefix=$2a$
count=8 write_to=tcb
==== конец "Windows Clipboard" ====
nsswitch.conf
==== заливка "Windows Clipboard" ====
passwd: files ldap nisplus nis
shadow: tcb files ldap nisplus nis
group: files ldap nisplus nis
hosts: files nisplus nis dns
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
bootparams: nisplus [NOTFOUND=return] files
netgroup: nisplus
publickey: nisplus
automount: files nisplus
aliases: files nisplus
==== конец "Windows Clipboard" ====
Hу и на всякий случай ldif базы:
==== заливка "Windows Clipboard" ====
dn:dc=samba
objectClass: dcObject
objectClass: organization
dc: samba
o:: c2FtYmEJICAgIA==
structuralObjectClass: organization
entryUUID: 19ed1900-289d-1029-8805-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062153Z
entryCSN: 2005031406:21:53Z#0x0001#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314062153Z
subschemaSubentry: cn=Subschema
hasSubordinates: TRUE
dn:ou=Users,dc=samba
objectClass: organizationalUnit
ou: Users
structuralObjectClass: organizationalUnit
entryUUID: 2aa3598a-289d-1029-8806-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
entryCSN: 2005031406:22:21Z#0x0002#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314062221Z
subschemaSubentry: cn=Subschema
hasSubordinates: TRUE
dn:ou=Groups,dc=samba
objectClass: organizationalUnit
ou: Groups
structuralObjectClass: organizationalUnit
entryUUID: 2aa75aee-289d-1029-8807-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
entryCSN: 2005031406:22:21Z#0x0003#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314062221Z
subschemaSubentry: cn=Subschema
hasSubordinates: TRUE
dn:ou=Computers,dc=samba
objectClass: organizationalUnit
ou: Computers
structuralObjectClass: organizationalUnit
entryUUID: 2aa98be8-289d-1029-8808-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
entryCSN: 2005031406:22:21Z#0x0004#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314062221Z
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:ou=Idmap,dc=samba
objectClass: organizationalUnit
ou: Idmap
structuralObjectClass: organizationalUnit
entryUUID: 2aac0cd8-289d-1029-8809-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
entryCSN: 2005031406:22:21Z#0x0005#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314062221Z
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:cn=NextFreeUnixId,dc=samba
objectClass: inetOrgPerson
objectClass: sambaUnixIdPool
gidNumber: 1000
cn: NextFreeUnixId
sn: NextFreeUnixId
structuralObjectClass: inetOrgPerson
entryUUID: 2aaee322-289d-1029-880a-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
uidNumber: 1004
entryCSN: 2005031407:34:11Z#0x0001#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314073411Z
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:uid=Administrator,ou=Users,dc=samba
cn: Administrator
sn: Administrator
objectClass: inetOrgPerson
objectClass: sambaSAMAccount
objectClass: posixAccount
objectClass: shadowAccount
gidNumber: 512
uid: Administrator
uidNumber: 0
homeDirectory: /home/Administrator
sambaPwdLastSet: 0
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
sambaHomePath: \\PDC-SMB3\home\Administrator
sambaHomeDrive: H:
sambaProfilePath: \\PDC-SMB3\profiles\Administrator\
sambaPrimaryGroupSID: S-1-5-21-3119114665-4043155502-4189252309-512
sambaLMPassword: XXX
sambaNTPassword: XXX
sambaAcctFlags: [U ]
sambaSID: S-1-5-21-3119114665-4043155502-4189252309-2996
loginShell: /bin/false
gecos: Netbios Domain Administrator
structuralObjectClass: inetOrgPerson
entryUUID: 2ab657b0-289d-1029-880b-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
entryCSN: 2005031406:22:21Z#0x0007#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314062221Z
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:uid=nobody,ou=Users,dc=samba
cn: nobody
sn: nobody
objectClass: inetOrgPerson
objectClass: sambaSAMAccount
objectClass: posixAccount
objectClass: shadowAccount
gidNumber: 514
uid: nobody
uidNumber: 999
homeDirectory: /dev/null
sambaPwdLastSet: 0
sambaLogonTime: 0
sambaLogoffTime: 2147483647
sambaKickoffTime: 2147483647
sambaPwdCanChange: 0
sambaPwdMustChange: 2147483647
sambaHomePath: \\PDC-SMB3\home\nobody
sambaHomeDrive: H:
sambaProfilePath: \\PDC-SMB3\profiles\nobody
sambaPrimaryGroupSID: S-1-5-21-3119114665-4043155502-4189252309-514
sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX
sambaAcctFlags: [NU ]
sambaSID: S-1-5-21-3119114665-4043155502-4189252309-2998
loginShell: /bin/false
structuralObjectClass: inetOrgPerson
entryUUID: 2abe8a84-289d-1029-880c-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
entryCSN: 2005031406:22:21Z#0x0008#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314062221Z
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:cn=Domain Admins,ou=Groups,dc=samba
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 512
cn: Domain Admins
memberUid: Administrator
description: Netbios Domain Administrators
sambaSID: S-1-5-21-3119114665-4043155502-4189252309-512
sambaGroupType: 2
displayName: Domain Admins
structuralObjectClass: posixGroup
entryUUID: 2ac2d3a0-289d-1029-880d-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
entryCSN: 2005031406:22:21Z#0x0009#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314062221Z
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:cn=Domain Users,ou=Groups,dc=samba
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 513
cn: Domain Users
description: Netbios Domain Users
sambaSID: S-1-5-21-3119114665-4043155502-4189252309-513
sambaGroupType: 2
displayName: Domain Users
structuralObjectClass: posixGroup
entryUUID: 2ac64116-289d-1029-880e-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
memberUid: stalker
memberUid: testuser
entryCSN: 2005031407:35:52Z#0x0001#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314073552Z
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:cn=Domain Guests,ou=Groups,dc=samba
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 514
cn: Domain Guests
description: Netbios Domain Guests Users
sambaSID: S-1-5-21-3119114665-4043155502-4189252309-514
sambaGroupType: 2
displayName: Domain Guests
structuralObjectClass: posixGroup
entryUUID: 2ac9e2a8-289d-1029-880f-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
entryCSN: 2005031406:22:21Z#0x000b#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314062221Z
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:cn=Print Operators,ou=Groups,dc=samba
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 550
cn: Print Operators
description: Netbios Domain Print Operators
sambaSID: S-1-5-32-550
sambaGroupType: 5
displayName: Print Operators
structuralObjectClass: posixGroup
entryUUID: 2acd6518-289d-1029-8810-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
entryCSN: 2005031406:22:21Z#0x000c#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314062221Z
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:cn=Backup Operators,ou=Groups,dc=samba
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 551
cn: Backup Operators
description: Netbios Domain Members can bypass file security to back up files
sambaSID: S-1-5-32-551
sambaGroupType: 5
displayName: Backup Operators
structuralObjectClass: posixGroup
entryUUID: 2ad1a254-289d-1029-8811-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
entryCSN: 2005031406:22:21Z#0x000d#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314062221Z
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:cn=Replicators,ou=Groups,dc=samba
objectClass: posixGroup
objectClass: sambaGroupMapping
gidNumber: 552
cn: Replicators
description: Netbios Domain Supports file replication in a sambaDomainName
sambaSID: S-1-5-32-552
sambaGroupType: 5
displayName: Replicators
structuralObjectClass: posixGroup
entryUUID: 2ad53176-289d-1029-8812-d4c7d48a2f3f
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314062221Z
entryCSN: 2005031406:22:21Z#0x000e#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314062221Z
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:uid=stalker,ou=Users,dc=samba
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
cn: stalker
sn: stalker
uid: stalker
uidNumber: 1000
homeDirectory: /home/stalker
gecos: System User
description: System User
structuralObjectClass: inetOrgPerson
entryUUID: 60b0839e-289e-1029-9e6b-9d506c7dcffa
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314063101Z
sambaSID: S-1-5-21-3119114665-4043155502-4189252309-2000
sambaPrimaryGroupSID: S-1-5-21-3119114665-4043155502-4189252309-2001
displayName: anton
sambaPwdMustChange: 2147483647
sambaAcctFlags: [U ]
gidNumber: 512
sambaPwdCanChange: 1110948935
sambaLMPassword: 44EFCE164AB921CAAAD3B435B51404EE
sambaNTPassword: 32ED87BDB5FDC5E9CBA88547376818D4
sambaPwdLastSet: 1110948935
entryCSN: 2005031604:55:35Z#0x0001#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050316045535Z
userPassword: {SMD5}P+/CpnLnGBnfPzHQMx91WQ7moX0=
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:sambaDomainName=VMSTALKER,dc=samba
sambaDomainName: VMSTALKER
sambaSID: S-1-5-21-3119114665-4043155502-4189252309
sambaAlgorithmicRidBase: 1000
objectClass: sambaDomain
structuralObjectClass: sambaDomain
entryUUID: 89e509c4-289e-1029-9e6c-9d506c7dcffa
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314063210Z
entryCSN: 2005031406:32:10Z#0x0001#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050314063210Z
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:uid=testuser,ou=Users,dc=samba
objectClass: top
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: sambaSamAccount
cn: testuser
sn: testuser
uid: testuser
uidNumber: 1002
gidNumber: 513
homeDirectory: /home/testuser
gecos: System User
description: System User
structuralObjectClass: inetOrgPerson
entryUUID: 6cdce2d0-28a2-1029-91c2-9e28eaeeb3ff
creatorsName: cn=admin,dc=samba
createTimestamp: 20050314065959Z
sambaSID: S-1-5-21-3119114665-4043155502-4189252309-2002
sambaPrimaryGroupSID: S-1-5-21-3119114665-4043155502-4189252309-2003
sambaPwdMustChange: 2147483647
sambaAcctFlags: [U ]
loginShell: /bin/false
sambaLMPassword: 7E4A072A9B79B2C4AAD3B435B51404EE
sambaNTPassword: 117C45B86F0EB51467D24AF3C306298A
sambaPwdCanChange: 1111001976
sambaPwdLastSet: 1111001976
entryCSN: 2005031619:39:36Z#0x0001#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050316193936Z
userPassword: {SMD5}Fo/SQ/YrFK8AOBUDFYSByGp/QHQ=
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
dn:uid=vasya,ou=Users,dc=samba
uid: vasya
givenName: vasya
sn: vasya
cn: vasya vasya
uidNumber: 1010
homeDirectory: /home/vasya
shadowMin: -1
shadowMax: 999999
shadowWarning: 7
shadowInactive: -1
shadowExpire: -1
shadowFlag: 0
objectClass: top
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
objectClass: sambaSamAccount
structuralObjectClass: inetOrgPerson
entryUUID: 13f6b890-2dd8-1029-87f6-98d0afe8c4ed
creatorsName: cn=admin,dc=samba
createTimestamp: 20050320220639Z
shadowLastChange: 12862
sambaSID: S-1-5-21-3119114665-4043155502-4189252309-3020
sambaPrimaryGroupSID: S-1-5-21-3119114665-4043155502-4189252309-1021
displayName: vasya vasya
sambaPwdMustChange: 2147483647
sambaLMPassword: A603544150D7AD05AAD3B435B51404EE
sambaNTPassword: 6E232E2C4564D07FAB34641AF1420F3B
sambaAcctFlags: [U ]
gidNumber: 512
loginShell: /bin/sh
sambaPwdCanChange: 1111363579
sambaPwdLastSet: 1111363579
entryCSN: 2005032100:06:19Z#0x0001#0#0000
modifiersName: cn=admin,dc=samba
modifyTimestamp: 20050321000619Z
userPassword: {SMD5}4BFcaJLE2aud8K6eZB+Ycv7lpJU=
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE
==== конец "Windows Clipboard" ====
С уважением. Anton aka Stalker
np: silence ( Winamp ушел в Партизаны ;-)
[#*TEAM:*#] [#_Злой СисОп_#] [*Heavy Metal-лyчший дpyг, этo знaют вce вoкpyг!*]
--- GoldED+/W32 1.1.5-041013
* Origin: И на его надгpобном камне уж высечен посмеpтный дамп (2:5059/37)
Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор
| Тема: |
Автор: |
Дата: |
|
nss_ldap |
Anton Gorlov |
21 Mar 2005 21:56:20 |
 nss_ldap |
Anton Gorlov |
21 Mar 2005 22:19:00 |
 Re: nss_ldap |
Aleksey Barabanov |
22 Mar 2005 00:36:03 |
 nss_ldap |
Anton Gorlov |
22 Mar 2005 21:25:58 |
|
Re: nss_ldap |
Aleksey Barabanov |
22 Mar 2005 23:30:34 |
|
nss_ldap |
Anton Gorlov |
23 Mar 2005 21:00:28 |
|
|
