Re: Mapping question.

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: "eRIC" <fremeneric [at] gmail.com>
To: <nss-pam-ldapd-users [at] lists.arthurdejong.org>
Subject: Re: Mapping question.
Date: Mon, 26 Oct 2015 16:27:18 -0400

Hi,

I have tried your suggestion with no success. The server is a Microsoftserver.

One thing I notice is that to be succesfull, my ldapsearch need not to use"(&(objectClass=posixAccount)(uid=sleduc))".But when I look at the trace from the login of nslcd -d, it is adding thisinto its myldap_search by default.


filter="(&(objectClass=posixAccount)(cn=sleduc))")

So I tried to change the filter as I saw in a past post to "filter passwd cnuid" so I got an


filter="(&(cn=uid)(cn=sleduc))")

But it didn't help much.


So I looked at the trace to better understand what's going on on a login.

It is always doing a search first of the user right when typing the user id? (the "myldap_search" call)

nslcd: [7b23c6] DEBUG: connection from pid=14162 uid=0 gid=0
nslcd: [7b23c6] <passwd="sleduc"> DEBUG:myldap_search(base="ou=users,ou=ion,dc=ionharris,dc=com",filter="(&(cn=uid)(cn=sleduc))")nslcd: [7b23c6] <passwd="sleduc"> DEBUG: ldap_result(): end of results (0total)



Then it does another search when typing the password.

nslcd: [3c9869] DEBUG: connection from pid=14162 uid=0 gid=0
nslcd: [3c9869] <authc="sleduc"> DEBUG:nslcd_pam_authc("sleduc","sshd","***")nslcd: [3c9869] <authc="sleduc"> DEBUG:myldap_search(base="ou=users,ou=ion,dc=ionharris,dc=com",filter="(&(cn=uid)(cn=sleduc))")nslcd: [3c9869] <authc="sleduc"> DEBUG: ldap_result(): end of results (0total)nslcd: [3c9869] <authc="sleduc"> DEBUG: "sleduc": user not found: No suchobject


Thanks

Eric

-----Message d'origine-----From: Arthur de Jong

Sent: Friday, October 23, 2015 4:04 AM
To: nss-pam-ldapd-users@lists.arthurdejong.org
Subject: Re: Mapping question.

--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see

http://lists.arthurdejong.org/nss-pam-ldapd-users/

--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/

Mapping question., eRIC
- Re: Mapping question., Arthur de Jong
  - Re: Mapping question., eRIC
    - Re: Mapping question., Arthur de Jong
      - Re: Mapping question., eRIC

Prev by Date: Re: Mapping question.
Next by Date: Re: Mapping question.
Previous by thread: Re: Mapping question.
Next by thread: Re: Mapping question.