RSS feed

Re: uidNumber: out of range

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: uidNumber: out of range

On Fri, 2014-06-20 at 14:49 +0200, Laurent Mistai wrote:
> Using ID in a console shell with id we have :
>         id testetu
>         uid=56621 gid=429502391 groupes=4294967295
> But when  use the version of  above nss-pam-ldapd   ( nss-pam-ldapd
> 0.8.13) on 14.04  :
> we have :
>         id testetu
>         id: testetu : utilisateur inexistant
> And with nslcd -d :
>         nslcd: [8b4567] <passwd="testetu"> 
> uid=testetu,ou=people,ou=univ,dc=domain,dc=org: uidNumber: out of range
>         nslcd: [8b4567] <passwd="testetu"> DEBUG: ldap_result(): end of 
> results (1 total)

The problem is probably in the data in your LDAP directory. The 0.8
series of nss-pam-ldapd includes some extra checks to detect integer
overflows and other LDAP parsing issues.

Can you provide output from ldapsearch showing the entry?

The uidNumber attribute is quite important and it cannot be easily
mangled because the mangling needs to happen in two directions: from the
LDAP server output to the user information and from the search for user
by uid to a search filter.

In 0.8 there is some special support for deriving the numeric uid from
objectSid (useful when using AD).

-- arthur - - --
To unsubscribe send an email to or see