LDAP server broken after upgrade
Tim Wunder
tim at thewunders.org
Sun Aug 10 11:35:51 PDT 2008
On Saturday 09 August 2008 10:00:04 pm Lonni J Friedman wrote:
> On Sat, Aug 9, 2008 at 5:58 PM, Bill Campbell <linux-sxs at celestial.com> wrote:
> > On Sat, Aug 09, 2008, Lonni J Friedman wrote:
> >>I've just upgraded a server which provides NFS & OpenLDAP
> >>authentication from Fedora 7 to Fedora 9. The upgrade of the OS went
> >>smoothly, however LDAP appears to be semi-broken.
> >>
> >>While I can authenticate any user, if I attempt to login as that user, I see:
> >>$ su - lfriedman
> >>id: cannot find name for user ID 3215
> >>id: cannot find name for group ID 3215
> >>id: cannot find name for user ID 3215
> >>[I have no name!@spare ~]$
> >>
> >>All of this worked fine before the upgrade, so I'm kinda lost &
> >>confused on what could be wrong now. Any LDAP experts have any
> >>suggestions?
> >
> > I would check the /etc/ldap.conf and /etc/*ldap*/ldap.conf files to see
> > if they were changed during the upgrade (look for ldap.rpmsave files for
> > the old copies). Check also for an /etc/ldap.secret file which should
> > have 600 perms. Do similar checks on /etc/openldap/slapd.conf.
>
> I should have mentioned that I checked that first. Everything is
> world readable.
>
Not that I know anything about LDAP, but world readable is not 600 perms.
IIRC, doesn't sshd_config need to be 600 and not 644?
Just pointing out the obvious...
Tim
--
Fedora Core release 6 (Zod), Linux 2.6.22.14-72.fc6
KDE: 3.5.8-1 Fedora
14:30:01 up 25 days, 7:35, 2 users, load average: 0.23, 0.16, 0.11
"It's what you learn after you know it all that counts" John Wooden
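
The checks suggested in the quoted reply (compare each LDAP config file with the copy the upgrade set aside, and confirm /etc/ldap.secret is mode 600), written as a shell script. This is an added example, not part of the original message: the function names and the optional root-prefix argument are assumptions made for illustration, `.rpmnew` is RPM's other saved-config suffix and is not mentioned in the thread, and `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: audit LDAP config files after a distribution upgrade.
# File paths come from the thread; function names are hypothetical.
# Usage (as root): audit_ldap            # audit the running system
#                  audit_ldap /mnt/root  # audit a mounted copy

# Print the octal permission bits of a file (GNU stat).
file_mode() { stat -c '%a' "$1"; }

# Succeed only if the secret file is absent or has mode 600.
check_secret() {
    [ -f "$1" ] || { echo "SKIP  $1 (not present)"; return 0; }
    mode=$(file_mode "$1")
    if [ "$mode" = "600" ]; then echo "OK    $1 mode $mode"; return 0; fi
    echo "FAIL  $1 mode $mode (expected 600)"
    return 1
}

# Report whether the upgrade left a saved copy next to the file and
# whether the live file differs from it (.rpmsave = old file set aside,
# .rpmnew = packaged file not installed over the local one).
check_replaced() {
    rc=0
    for suffix in rpmsave rpmnew; do
        [ -f "$1.$suffix" ] || continue
        if cmp -s "$1" "$1.$suffix"; then
            echo "SAME  $1 and $1.$suffix"
        else
            echo "DIFF  $1 differs from $1.$suffix"
            rc=1
        fi
    done
    return $rc
}

# Run both checks; a non-zero return means something needs a manual look.
audit_ldap() {
    root=${1:-}
    status=0
    for f in "$root"/etc/ldap.conf "$root"/etc/*ldap*/ldap.conf \
             "$root"/etc/openldap/slapd.conf; do
        [ -f "$f" ] || continue   # also skips an unmatched glob
        check_replaced "$f" || status=1
    done
    check_secret "$root/etc/ldap.secret" || status=1
    return $status
}
```

A `DIFF` line only says the two copies are not identical; run `diff -u` on the pair to see which settings changed.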