[nssldap] Strange nss library behavior with OL 2.4.7

[Tony Earnshaw <tonni [at] hetnet.nl>]

Hi list,

Maybe someone knows? Can't really ask or report an ITS on the OL list, 
since there's nothing wrong on OL's part.

I just built and installed OL 2.4.7 rpms (Buchan's spec) on FC6. Was 
previously running 2.4.6 (but also 2.3.39 is installed, can have both at 
once).

I get this:

1063 [root:tru.leerlingen] /root # ldapsearch2.4 -x 'uid=sammy' \
 gidnumber
# extended LDIF
#
# LDAPv3
# base <dc=billy,dc=demon,dc=nl> (default) with scope subtree
# filter: uid=sammy
# requesting: gidnumber
#

# sammy, katter, groups, billy.demon.nl
dn: cn=sammy,cn=katter,ou=groups,dc=billy,dc=demon,dc=nl
gidNumber: 1004

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
1004
Ok, nothing wrong there. (Sammy is only present in ldap, not in passwd).

But:

1064 [root:tru.leerlingen] /root # id sammy
uid=516 gid=1004 groups=4294967295,1004

1066 [root:tru.leerlingen] /root # getent group katter
katter:*:1004:billy,evy,frigg,kvikk,sammy,tonni

1068 [root:tru.leerlingen] /root # id hanne
uid=502 gid=1000 groups=4294967295,1000,5005

1069 [root:tru.leerlingen] /root # getent group people
people:*:1000:damen,goran,hanne,pete,torgeir,chalkie

All ldap users get given the non-existent gidnumber 4294967295. Stopped 
ldap2.4, started ldap2.3 and everything is back to normal. But that's 
not what I want, so I'm continuing with 2.4.

I can't remember seeing this happening with 2.4.6.

Can anyone guess at the significance of the value "4294967295"?

Best,

--Tonni

--
Tony Earnshaw
Email: tonni at hetnet dot nl