Re: [nssldap] wireshark shows successful ldap searches, but no nss or pam stuff works
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
Re: [nssldap] wireshark shows successful ldap searches, but no nss or pam stuff works
- From: "Douglas E. Engert" <deengert [at] anl.gov>
- To: Guillaume Rousse <Guillaume.Rousse [at] inria.fr>
- Cc: nssldap [at] padl.com
- Subject: Re: [nssldap] wireshark shows successful ldap searches, but no nss or pam stuff works
- Date: Fri, 17 Jul 2009 14:26:47 -0500
Guillaume Rousse wrote:
Douglas E. Engert a écrit :
philoertel wrote:
Thanks for the responses!
See I saw a post somewhere else suggesting there might be a problem
with not
having uid and gid. But I thought this was a common thing and there
must be
a way. I definitely don't have uid in AD. If I can get my AD admins
to work
with me, can I just add random uids (>1000)? I don't really
understand why
they have to be there for this to work, so I can't figure out if
there's a
reasonable workaround.
I don't think you can freely add additional information in AD, tough I'm
not an expert. Indeed, mapping information (login <-> uid) does not
mandatorily have to be there.
See the Microsoft SFU that does provide for using AD for unix and ldap.
I believe W 2003 has the schema built in.
See these for more info:
http://www.padl.com/Articles/ActiveDirectoryandtheNISL.html
http://technet.microsoft.com/en-us/library/bb463150.aspx
I have users both local and remote because remote doesn't work! But I
think
this is the normal way right? Because root's always going to be
local? And
at any rate it shouldn't cause any problems.
It's fine to have local and remote users, provided they are distinct set
of users. Otherwise, you're going into various kind of troubles.
[..]
and also look at Samba.
And more specifically at winbind.
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
- Re: [nssldap] wireshark shows successful ldap searches, but no nss or pam stuff works, (continued)