lists.arthurdejong.org
RSS feed

Re: [0.9.x] Invalid nslcd version id: 0x01000000 in Centos7.9

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: [0.9.x] Invalid nslcd version id: 0x01000000 in Centos7.9



On Thu, 2022-05-26 at 11:47 +0800, 杨柳青又青 wrote:
> In order to use nss_disable_enumeration , I tried to install
> different 0.9.x version but all report 'invalid nslcd version' while
> doing search or while user login.

The "invalid nslcd version" error is caused by the NSS and PAM modules
not matching the version of the nslcd binary. Between 0.8.x and 0.9.x
the protocol between the components changed that means you cannot use
an NSS module (libnss_ldap.so.2, typically stored in /lib or /usr/lib
somewhere) or PAM module (pam_ldap.so, typically stored in
/lib/security or somewhere similar) from version 0.8.x with an nslcd
version 0.9.x.

For support on a particular RPM package I would suggest contacting the
author of those packages. OS-specific distributions tend to differ
widely (e.g. some split the PAM and NSS modules to separate pages,
others don't).

If you use nscd or unscd on the system I recommend restarting that if
you change the NSS module. Otherwise nscd will heep the old NSS module
loaded in memory and not talk the correct protocol version to nslcd.

Hope this helps,

-- 
-- arthur - arthur@arthurdejong.org - https://arthurdejong.org/ --