lists.arthurdejong.org
RSS feed

Re: Mapping question.

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: Mapping question.



Hi,

I have tried your suggestion with no success. The server is a Microsoft server.

One thing I notice is that to be succesfull, my ldapsearch need not to use "(&(objectClass=posixAccount)(uid=sleduc))". But when I look at the trace from the login of nslcd -d, it is adding this into its myldap_search by default.

filter="(&(objectClass=posixAccount)(cn=sleduc))")

So I tried to change the filter as I saw in a past post to "filter passwd cn uid" so I got an

filter="(&(cn=uid)(cn=sleduc))")

But it didn't help much.


So I looked at the trace to better understand what's going on on a login.

It is always doing a search first of the user right when typing the user id ? (the "myldap_search" call)

nslcd: [7b23c6] DEBUG: connection from pid=14162 uid=0 gid=0
nslcd: [7b23c6] <passwd="sleduc"> DEBUG: myldap_search(base="ou=users,ou=ion,dc=ionharris,dc=com", filter="(&(cn=uid)(cn=sleduc))") nslcd: [7b23c6] <passwd="sleduc"> DEBUG: ldap_result(): end of results (0 total)


Then it does another search when typing the password.

nslcd: [3c9869] DEBUG: connection from pid=14162 uid=0 gid=0
nslcd: [3c9869] <authc="sleduc"> DEBUG: nslcd_pam_authc("sleduc","sshd","***") nslcd: [3c9869] <authc="sleduc"> DEBUG: myldap_search(base="ou=users,ou=ion,dc=ionharris,dc=com", filter="(&(cn=uid)(cn=sleduc))") nslcd: [3c9869] <authc="sleduc"> DEBUG: ldap_result(): end of results (0 total) nslcd: [3c9869] <authc="sleduc"> DEBUG: "sleduc": user not found: No such object

Thanks

Eric

-----Message d'origine----- From: Arthur de Jong
Sent: Friday, October 23, 2015 4:04 AM
To: nss-pam-ldapd-users@lists.arthurdejong.org
Subject: Re: Mapping question.

--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/
--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/