« Return to Thread: gentent works but "id" and "groups" commands fail with message "failed to get groups for user "
Re: gentent works but "id" and "groups" commands fail with message "failed to get groups for user "
by Arthur de Jong-3
::
Rate this Message:
On Thu, 2008-03-20 at 09:42 +0100, jodok-ole.muellers@...
wrote:
> I set up libnss-ldap on Linux to get user/group information
> from a Windows Active Directory Server.
>
> With getent it all looks fine to me, although I am not sure about
> the password field (second field in getent passwd) which is 'x'
> for local users and 'ABCD!efgh12345$67890' for ADS users.
> Same with getent group, the group password field is 'x' for local
> users and '*' for ADS users.
>
> Even though getent output looks fine the
> id and groups commands fail for users stored in ADS LDAP:
haven't looked at the code though that this is really the problem).
The GNU glibc docs [1] seem to suggest that if you return
NSS_STATUS_NOTFOUND you should set errno to ENOENT. This however causes
problems with some tools.
Instead if get*ent() does not find any more entries it should just
return NSS_STATUS_NOTFOUND and not touch errno.
[1] http://www.gnu.org/software/libc/manual/html_node/NSS-Modules-Interface.html
--
-- arthur - arthur@... - http://ch.tudelft.nl/~arthur --
signature.asc (196 bytes) « Return to Thread: gentent works but "id" and "groups" commands fail with message "failed to get groups for user "
| Free Forum Powered by Nabble | Forum Help |