[nssldap] Active Directory groups causing glibc corrupted double-linked list errors
[Date Prev][Date Next] [Thread Prev][Thread Next][nssldap] Active Directory groups causing glibc corrupted double-linked list errors
- From: Christopher Waltham <cwaltham [at] bowdoin.edu>
- To: nssldap [at] padl.com
- Subject: [nssldap] Active Directory groups causing glibc corrupted double-linked list errors
- Date: Fri, 9 Jan 2009 17:39:31 -0500
I have a variety of Red Hat Enterprise Linux 4.7 clients, all trying to connect to a Windows 2003 Server Active Directory environment. 90% of our clients can connect fine, but the remaining 10% (which all happen to be members of one group) are having problems. Specifically, any time they attempt to resolve user or group ID (be it through looking at files, or simply running id/groups) I am seeing all sorts of glibc errors. For example:
[root@mailhost ~]# finger aikido Login: aikido Name: Aikido Club Directory: /people/others/studorgs/aikido Shell: /bin/tcsh Never logged in. [root@mailhost ~]# id aikido *** glibc detected *** corrupted double-linked list: 0x08cb4e40 *** uid=10937(aikido) gid=512Aborted [root@mailhost ~]# groups aikido *** glibc detected *** corrupted double-linked list: 0x0945fe40 *** Here what I think is relevant from that machine's /etc/ldap.conf: nss_base_passwd ou=People,dc=bowdoincollege,dc=edu?sub nss_base_group ou=Groups,dc=bowdoincollege,dc=edu?sub nss_map_objectclass posixAccount User nss_map_attribute uid samAccountName nss_map_attribute uidNumber msSFU30UidNumber nss_map_attribute gidNumber msSFU30GidNumber nss_map_attribute gecos cn nss_map_attribute homeDirectory bowd-unixhomedir nss_map_attribute loginShell bowd-unixshell nss_map_objectclass posixGroup Group nss_map_attribute cn samAccountName nss_map_attribute uniqueMember memberAs you can see, we are using Microsoft's Services for UNIX. That user account, aikido, has its primary Active Directory group set to "studorgs" (i.e., student organizations). That group contains a couple dozen users, all of whom are exhibiting the same problem as far as I can see.
Other users, such as myself, appear to work fine: [root@mailhost ~]# id cwalthamuid=14771(cwaltham) gid=401(ccenter) groups=401(ccenter),10000(Desktop Admin),403(library),29998(quikpaytest),30001(quikpayprod),16(sysadmin), 30(gopher),990(optdirect),734(fileradmin),0(root),200(sag_NIS), 742(VMware_Admins),743(aaaatest),744(bbbbtest)
[root@mailhost ~]# groups cwalthamcwaltham : ccenter Desktop Admin library quikpaytest quikpayprod sysadmin gopher optdirect fileradmin root sag_NIS VMware_Admins aaaatest bbbbtest
I've used adsiedit on the Windows 2003 Servers and can't see anything fishy, but I am by no means an Active Directory expert. Does anyone have an idea as to where to begin troubleshooting this? I am guessing that something about the "studorgs" group is fishy; though my obvious checks (that it shares the same group ID with another group) have so far proved fruitless.
The Linux server is RHEL4.7 running kernel 2.6.9 and the following LDAP-related RPMs:
openldap-devel-2.2.13-12.el4 perl-LDAP-0.31-5 python-ldap-2.0.1-2 openldap-2.2.13-12.el4 nss_ldap-253-5.el4 compat-openldap-2.1.30-12.el4 Thanks! Chris
- [nssldap] Active Directory groups causing glibc corrupted double-linked list errors, Christopher Waltham
- Next by Date: [nssldap] getent passwd problems
- Next by thread: [nssldap] getent passwd problems