Re: uidNumber: out of range
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
Re: uidNumber: out of range
- From: Arthur de Jong <arthur [at] arthurdejong.org>
- To: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: Re: uidNumber: out of range
- Date: Fri, 20 Jun 2014 15:01:24 +0200
On Fri, 2014-06-20 at 14:49 +0200, Laurent Mistai wrote:
> Using ID in a console shell with id we have :
> id testetu
> uid=56621 gid=429502391 groupes=4294967295
> But when use the version of above nss-pam-ldapd ( nss-pam-ldapd
> 0.8.13) on 14.04 :
> we have :
>
> id testetu
> id: testetu : utilisateur inexistant
> And with nslcd -d :
>
> nslcd: [8b4567] <passwd="testetu">
> uid=testetu,ou=people,ou=univ,dc=domain,dc=org: uidNumber: out of range
> nslcd: [8b4567] <passwd="testetu"> DEBUG: ldap_result(): end of
> results (1 total)
The problem is probably in the data in your LDAP directory. The 0.8
series of nss-pam-ldapd includes some extra checks to detect integer
overflows and other LDAP parsing issues.
Can you provide output from ldapsearch showing the entry?
The uidNumber attribute is quite important and it cannot be easily
mangled because the mangling needs to happen in two directions: from the
LDAP server output to the user information and from the search for user
by uid to a search filter.
In 0.8 there is some special support for deriving the numeric uid from
objectSid (useful when using AD).
--
-- arthur - arthur@arthurdejong.org - http://arthurdejong.org/ --
--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/
