Re: nss_initgroups_ignoreusers ALLLOCAL issue

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Michael Ströder <michael [at] stroeder.com>
To: nss-pam-ldapd-users <nss-pam-ldapd-users [at] lists.arthurdejong.org>
Subject: Re: nss_initgroups_ignoreusers ALLLOCAL issue
Date: Tue, 16 May 2017 15:18:33 +0200

mh@ow2.org wrote:
> Le 16/05/2017 à 10:44, Jakub Jindra a écrit :
>> But as I tried in the past, you can leave duplicate usernames, PAM will
>> accept both. F.e. on the filesystem you can work normally with files no
>> matter if you logged in using LDAP or static user. But the user will
>> have 2 different uidNumbers (one from /etc/passwd, one from LDAP) and so
>> files created by LDAP user will have f.e. owner with numeric id 10000
>> and files created by system user will be owned by with numeric id 10005. 
> 
> Right. But isn't against Arthur recommendation as per nscd ?
>  (username and ids should be unique) ?

Also my strong recommendation is to clean up uid/uidNumber mess in the LDAP 
directory and
not muck around with inconsistent user entries.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
https://lists.arthurdejong.org/nss-pam-ldapd-users/

Re: nss_initgroups_ignoreusers ALLLOCAL issue, (continued)

Prev by Date: Re: nss_initgroups_ignoreusers ALLLOCAL issue
Next by Date: Re: nss_initgroups_ignoreusers ALLLOCAL issue
Previous by thread: Re: nss_initgroups_ignoreusers ALLLOCAL issue
Next by thread: Re: nss_initgroups_ignoreusers ALLLOCAL issue