Package: libnss-ldap Version: 261-2.1 Severity: important Hi Debian Bug Trackers,
I'm running Debian Lenny on a NSLU2. I wasn't able to authenticate a non-local (LDAP - in this case) user against an OpenLDAP server running on the same machine. Access to the LDAP service with ldapsearch, ldapadd and so on was working. 'getent passwd' did only show local users. 'getent -s ldap passwd' didn't give any result. 'su - <ldap-user>' returned that the user id is unkown. To verify the SLAPD config itself is working properly, i configured two Ubuntu machines to logon to that LDAP server. As that was working, it must have been related to the local libnss-ldap. Did apt-get purge libnss-ldap several times combined with rebooting the machine and purging libpam-ldap and nscd. Tried nearly every HowTo i could get my hands onto and finally found this hint: Execute the following command to find where the nss_ldap module expects to find its control file: 'strings /lib/libnss_ldap.so.2 | grep conf' On my machine, there wasn't any /lib/libnss_ldap.so.2. There is only a /lib/nss_ldap.so.1. After creating static links for libnss_ldap.so.2, libnss_ldap-2.7.so and several others (I'm not sure which of the links i created actually solved it) to nss_ldap.so and verifying that there are no unmet dependencies with 'ldd /lib/libnss_ldap.so.2' i gave it a try and now i can see LDAP users with 'getent -ldap passwd' and can login with LDAP users via SSH for e.g. Maybe you guys can double check that. Please let me know if you are missing additional information, I'll try to provide you with that in case it's needed. Is there a chance to hide my email address? Best regards Sebastian -- System Information: Debian Release: 5.0 APT prefers testing APT policy: (500, 'testing') Architecture: armel (armv5tel) Kernel: Linux 2.6.26-1-ixp4xx Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages libnss-ldap depends on: ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy ii libc6 2.7-16 GNU C Library: Shared libraries ii libcomerr2 1.41.3-1 common error description library ii libgcc1 1:4.3.2-1.1 GCC support library ii libkrb53 1.6.dfsg.4~beta1-4 MIT Kerberos runtime libraries ii libldap-2.4-2 2.4.11-1 OpenLDAP libraries ii libsasl2-2 2.1.22.dfsg1-23 Cyrus SASL - authentication abstra Versions of packages libnss-ldap recommends: ii libpam-ldap 184-4.2 Pluggable Authentication Module fo ii nscd 2.7-16 GNU C Library: Name Service Cache libnss-ldap suggests no packages. -- debconf information: * libnss-ldap/rootbindpw: (password omitted) libnss-ldap/dblogin: false libnss-ldap/override: true * shared/ldapns/base-dn: dc=what,dc=ever * libnss-ldap/rootbinddn: cn=admin,dc=what,dc=ever * shared/ldapns/ldap_version: 3 * shared/ldapns/ldap-server: ldap://127.0.0.1/ * libnss-ldap/nsswitch: libnss-ldap/confperm: false libnss-ldap/dbrootlogin: true -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
