I apologize for the cross post here - but I am pulling my hair out on this one. I have openldap working well integrating with the unix/samba usernames so getent passwd displays all the ldap accounts I had a bit of a fat finger today and nuked an account I rebuilt it, and for the most part everything is identical (including uidnumber) I can ldapsearch for it fine - however if I: getent passwd | grep agent-guest , nothing appears yet everything that the account relies upon still seems functional -- is there something that toggles it being in the output? am I missing something very simple? thanks in advance - -- ---------------------------------- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain <A href="http://www.prupref.com">Simply Chicago Real Estate</A>
On Fri, 18 Feb 2005 17:22:26 -0600, Chris McKeever <techjedi@gmail.com> wrote:> I apologize for the cross post here - but I am pulling my hair out on this one. > > I have openldap working well integrating with the unix/samba usernames so > getent passwd displays all the ldap accounts > > I had a bit of a fat finger today and nuked an account > I rebuilt it, and for the most part everything is identical (including > uidnumber) > I can ldapsearch for it fine - > > however if I: getent passwd | grep agent-guest , nothing appears > yet everything that the account relies upon still seems functional -- > > is there something that toggles it being in the output? am I missing > something very simple? > > thanks in advance - > > --ldap comparison - cgmckeever displays, agent-guest does not dn: uid=cgmckeever, ou=People, dc=prupref,dc=com dn: uid=agent-guest, ou=People, dc=prupref,dc=com objectClass: top objectClass: top objectClass: person objectClass: person objectClass: organizationalPerson objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: inetOrgPerson objectClass: account objectClass: account objectClass: posixaccount objectClass: posixaccount objectClass: shadowaccount objectClass: shadowaccount objectClass: kerberosSecurityObject objectClass: kerberosSecurityObject objectClass: sambaAccount objectClass: sambaAccount sn: McKeever sn: guest givenName: Chris McKeever givenName: agent guest mail: cgmckeever@prupref.com mail: website@prupref.com shadowLastChange: 11761 shadowLastChange: 11761 shadowMin: -1 shadowMin: -1 shadowMax: 99999 shadowMax: 99999 shadowWarning: -1 shadowWarning: -1 shadowInactive: -1 shadowInactive: -1 shadowExpire: -1 shadowExpire: -1 shadowFlag: 7100670 shadowFlag: 7100670 krbName: cgmckeever@prupref.com krbName: website@prupref.com loginShell: /bin/false loginShell: /bin/false uidNumber: 1277 uidNumber: 49344 gidNumber: 1002 gidNumber: 1002 homeDirectory: /home/ homeDirectory: /home/ gecos: Chris McKeever gecos: agent guest creatorsName: cn=root,dc=prupref,dc=com creatorsName: cn=root,dc=prupref,dc=com createTimestamp: 20030502214502Z createTimestamp: 20050218204327Z userPassword:: e01ENX1IZk8z userPassword:: e01ENX01UlhmRF uid: cgmckeever uid: agent-guest pwdLastSet: 1093903956 pwdLastSet: 1108759458 logonTime: 0 logonTime: 0 logoffTime: 0 logoffTime: 2147483647 kickoffTime: 0 kickoffTime: 2147483647 pwdCanChange: 0 pwdCanChange: 0 displayName: Chris McKeever displayName: agent guest cn: Chris McKeever cn: agent guest rid: 3554 rid: 99688 primaryGroupID: 3005 primaryGroupID: 3005 lmPassword: 6E265BE9 lmPassword: A356673D ntPassword: 95A69025 ntPassword: 2E6E2DA74 acctFlags: [UX ] acctFlags: [UX ] pwdMustChange: 108696195100 pwdMustChange: 108696195100 modifiersName: cn=root,dc=prupref,dc=com modifiersName: cn=root,dc=prupref,dc=com modifyTimestamp: 20040830221237Z modifyTimestamp: 20050218204419Z> ---------------------------------- > please respond to the list .. if you need to contact me direct > cgmckeever is the account > prupref.com is the domain > > <A href="http://www.prupref.com">Simply Chicago Real Estate</A> >-- ---------------------------------- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain <A href="http://www.prupref.com">Simply Chicago Real Estate</A>
with some more tinkering I was able to recreate the issue -- delete an account out of ldap, readd it and it will not appear via getent passwd any ideas?? thanks On Fri, 18 Feb 2005 18:14:04 -0600, Chris McKeever <techjedi@gmail.com> wrote:> On Fri, 18 Feb 2005 17:22:26 -0600, Chris McKeever <techjedi@gmail.com> wrote: > > I apologize for the cross post here - but I am pulling my hair out on this one. > > > > I have openldap working well integrating with the unix/samba usernames so > > getent passwd displays all the ldap accounts > > > > I had a bit of a fat finger today and nuked an account > > I rebuilt it, and for the most part everything is identical (including > > uidnumber) > > I can ldapsearch for it fine - > > > > however if I: getent passwd | grep agent-guest , nothing appears > > yet everything that the account relies upon still seems functional -- > > > > is there something that toggles it being in the output? am I missing > > something very simple? > > > > thanks in advance - > > > > -- > > ldap comparison - cgmckeever displays, agent-guest does not > > dn: uid=cgmckeever, ou=People, dc=prupref,dc=com dn: uid=agent-guest, > ou=People, dc=prupref,dc=com > objectClass: top objectClass: top > objectClass: person objectClass: person > objectClass: organizationalPerson objectClass: organizationalPerson > objectClass: inetOrgPerson objectClass: inetOrgPerson > objectClass: account objectClass: account > objectClass: posixaccount objectClass: posixaccount > objectClass: shadowaccount objectClass: shadowaccount > objectClass: kerberosSecurityObject objectClass: kerberosSecurityObject > objectClass: sambaAccount objectClass: sambaAccount > sn: McKeever sn: guest > givenName: Chris McKeever givenName: agent guest > mail: cgmckeever@prupref.com mail: website@prupref.com > shadowLastChange: 11761 shadowLastChange: 11761 > shadowMin: -1 shadowMin: -1 > shadowMax: 99999 shadowMax: 99999 > shadowWarning: -1 shadowWarning: -1 > shadowInactive: -1 shadowInactive: -1 > shadowExpire: -1 shadowExpire: -1 > shadowFlag: 7100670 shadowFlag: 7100670 > krbName: cgmckeever@prupref.com krbName: website@prupref.com > loginShell: /bin/false loginShell: /bin/false > uidNumber: 1277 uidNumber: 49344 > gidNumber: 1002 gidNumber: 1002 > homeDirectory: /home/ homeDirectory: /home/ > gecos: Chris McKeever gecos: agent guest > creatorsName: cn=root,dc=prupref,dc=com creatorsName: > cn=root,dc=prupref,dc=com > createTimestamp: 20030502214502Z createTimestamp: 20050218204327Z > userPassword:: e01ENX1IZk8z userPassword:: e01ENX01UlhmRF > uid: cgmckeever uid: agent-guest > pwdLastSet: 1093903956 pwdLastSet: 1108759458 > logonTime: 0 logonTime: 0 > logoffTime: 0 logoffTime: 2147483647 > kickoffTime: 0 kickoffTime: 2147483647 > pwdCanChange: 0 pwdCanChange: 0 > displayName: Chris McKeever displayName: agent guest > cn: Chris McKeever cn: agent guest > rid: 3554 rid: 99688 > primaryGroupID: 3005 primaryGroupID: 3005 > lmPassword: 6E265BE9 lmPassword: A356673D > ntPassword: 95A69025 ntPassword: 2E6E2DA74 > acctFlags: [UX ] acctFlags: [UX ] > pwdMustChange: 108696195100 pwdMustChange: 108696195100 > modifiersName: cn=root,dc=prupref,dc=com modifiersName: > cn=root,dc=prupref,dc=com > modifyTimestamp: 20040830221237Z modifyTimestamp: 20050218204419Z > > > > ---------------------------------- > > please respond to the list .. if you need to contact me direct > > cgmckeever is the account > > prupref.com is the domain > > > > <A href="http://www.prupref.com">Simply Chicago Real Estate</A> > > > > -- > ---------------------------------- > please respond to the list .. if you need to contact me direct > cgmckeever is the account > prupref.com is the domain > > <A href="http://www.prupref.com">Simply Chicago Real Estate</A> >-- ---------------------------------- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain <A href="http://www.prupref.com">Simply Chicago Real Estate</A>
> with some more tinkering I was able to recreate the issue -- > delete an account out of ldap, readd it and it will not appear via getent passwd > any ideas??Is nscd running? -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20050221/2099786d/attachment.bin
thanks for the reply - nscd is not running, nor is installed On Mon, 21 Feb 2005 08:57:38 -0500, Adam Tauno Williams <adam@morrison-ind.com> wrote:> > with some more tinkering I was able to recreate the issue -- > > delete an account out of ldap, readd it and it will not appear via getent passwd > > any ideas?? > > Is nscd running? > > >-- ---------------------------------- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain <A href="http://www.prupref.com">Simply Chicago Real Estate</A>
wondering if anyone has any suggestions on this - beating my head against the wall - thanks On Mon, 21 Feb 2005 08:11:48 -0600, Chris McKeever <techjedi@gmail.com> wrote:> thanks for the reply - > nscd is not running, nor is installed > > On Mon, 21 Feb 2005 08:57:38 -0500, Adam Tauno Williams > <adam@morrison-ind.com> wrote: > > > with some more tinkering I was able to recreate the issue -- > > > delete an account out of ldap, readd it and it will not appear via getent passwd > > > any ideas?? > > > > Is nscd running? > > > > > > > > -- > ---------------------------------- > please respond to the list .. if you need to contact me direct > cgmckeever is the account > prupref.com is the domain > > <A href="http://www.prupref.com">Simply Chicago Real Estate</A> >-- ---------------------------------- please respond to the list .. if you need to contact me direct cgmckeever is the account prupref.com is the domain <A href="http://www.prupref.com">Simply Chicago Real Estate</A>