Re: [nssldap] nssldap group retrieve problem
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
Re: [nssldap] nssldap group retrieve problem
- From: Arthur de Jong <arthur [at] ch.tudelft.nl>
- To: jagers <jager [at] e-tiger.net>
- Cc: nssldap [at] padl.com
- Subject: Re: [nssldap] nssldap group retrieve problem
- Date: Wed, 26 Sep 2007 22:31:07 +0200
On Tue, 2007-09-25 at 14:14 -0700, jagers wrote:
> I'm using a fedora 5 system, with nss ldap 0.2.1 and fedora-ds 1.0.4,
> and I have a problem with group queries...
You are actually using nss-ldapd (note the D at the end) and not
nss_ldap, so this is not the right list.
> when I'm trying to query all users with the (set-get-end)grent
> functions, I think it is nslcd_group_all in the source, I always get
> only 20 group entries, but there are 127 entries in the directory.
> I also checked the ldap access logs, which says it found 127 entries,
> I think they are given to the nslcd correctly. I'm not using indexes
> on the directory, and ldapsearch gives me corrent answers with the
> same filter nssldap uses.
> besides this, user queries are working fine!
> can anyone help me with this?
The problem may be that one of the entries is not liked by nss-ldapd.
Current handling of invalid or problematic entries is a bit off in nslcd
(assuming you get 20 group entries from LDAP and not 20 entries total).
You could try starting nslcd with the -d switch to get some debugging
output. Or you could try to pinpoint the LDAP entry that causes the
problems.
Anyway, nss-ldapd 0.2.1 has been replaced by a 0.3 release (and soon a
0.4 release will follow). I suggest you upgrade since nss-ldapd is still
under development and 0.3 fixes a number of known problems in 0.2.1 (and
probably some unknown ones as well).
--
-- arthur - arthur@ch.tudelft.nl - http://ch.tudelft.nl/~arthur --