I'm trying to set up nss_ldap to work with my openldap 2.3.39
installation on Fedora 8. When I su -l adamtest (an account in
openldap), I get the following error:
[root@roark etc]# su -l adamtest
id: cannot find name for user ID 773
[I have no name!@roark ~]$ id
uid=773 gid=100(users) groups=100(users)
and I think it's something with the nss_ldap id resolution, because here
is the id command from me in /etc/passwd; notice the uid=511(awilliam)
is shown correctly here versus adamtest in openldap.
[awilliam@roark ~]$ id
uid=511(awilliam) gid=513(awilliam) groups=100(users),102(is),500(admin),513(awilliam),630(pers),631(pubinfo),743(executive),754(hankandcheri)
adamtest is in openldap, here's his info:
[root@roark ldap]# ldapsearch -D 'cn=Manager,dc=mdah,dc=state,dc=ms,dc=us' -b "uid=adamtest,ou=People,dc=mdah,dc=state,dc=ms,dc=us" -w xxxxxxxx -x
# extended LDIF
#
# LDAPv3
# base <uid=adamtest,ou=People,dc=mdah,dc=state,dc=ms,dc=us> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# adamtest, People, mdah.state.ms.us
dn: uid=adamtest,ou=People,dc=mdah,dc=state,dc=ms,dc=us
uid: adamtest
cn: adamtest
sn: adamtest
mail: adamtest@mdah.state.ms.us
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
shadowLastChange: 13902
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 773
gidNumber: 100
homeDirectory: /home/adamtest
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
and my /etc/ldap.conf is:
base dc=mdah,dc=state,dc=ms,dc=us
binddn cn=Manager,dc=mdah,dc=state,dc=ms,dc=us
bindpw xxxxxxxx
rootbinddn cn=Manager,dc=mdah,dc=state,dc=ms,dc=us
nss_base_passwd ou=People,dc=mdah,dc=state,dc=ms,dc=us?one
nss_base_shadow ou=People,dc=mdah,dc=state,dc=ms,dc=us?one
nss_base_group ou=Group,dc=mdah,dc=state,dc=ms,dc=us?one
ssl no
pam_password md5
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon
logdir /var/log/nss_ldap
debug 256
uri ldap://roark.mdah.state.ms.us/
tls_cacertdir /etc/openldap/cacerts
bind_timelimit 10
bind_policy soft
nss_initgroups_ignoreusers root,ldap,named,tonni
and my slapd.conf is:
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
allow bind_v2
pidfile /var/run/openldap/slapd.pid
database bdb
suffix "dc=mdah,dc=state,dc=ms,dc=us"
rootdn "cn=Manager,dc=mdah,dc=state,dc=ms,dc=us"
rootpw {SSHA}xxxxxxxxxxxxxxxxxxxxxxxxx
directory /var/lib/ldap
index objectClass eq
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index displayName pres,sub,eq
index uidNumber eq
index gidNumber eq
index memberUID eq
index sambaSID sub,eq
index sambaPrimaryGroupSID eq
index sambaDomainName eq
index default pres,eq,sub
access to dn="ou=People,dc=mdah,dc=state,dc=ms,dc=us"
    by self write
    by users auth
    by anonymous read
access to dn.base=""
    by self write
    by * auth
access to attrs=userPassword,sambaLMPassword,sambaNTPassword,uid,cn,sn
    by self write
    by anonymous auth
    by * none
access to attrs=shadowLastChange
    by self write
    by * auth
access to *
    by self write
    by dn.base="cn=Manager,dc=mdah,dc=state,dc=ms,dc=us" write
    by * read
Anyone see why I'm getting the "id: cannot find name for user ID 773 [I
have no name!@roark ~]$ id" error? Any ideas?