Re: [389-users] GID error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 2009-06-13 at 09:11 -0500, Doug Coats wrote:
> I have run into a issue with my system being able to correctly
> identify a user and their group.
>  
> I am running CentOS 5.3 and centos-ds 8.1
>  
> I have created a user using the managment console.
>  
> I set up the first name, last name, common name, user id, and
> password.  Under Posix User I set up UID Number: 10009, GID Number:
> 10009, Home Directory: /home/user, and Shell: /bin/bash.
>  
> I set up authentication using System > Administration >
> Authentication.  I enabled LDAP support and configured it.  Under the
> options tab I checke "Create home directories on first login."
>  
> My user can log into the box and can ssh into the box.
>  
> When I do log in I receive the following error.
>  
> id: cannot find name for group ID 10009
>  
> When I ls -la the users home directory it displays.
>  
> drwxr-xr-x 15 user 100009 4096 Jun 13 08:26 user
>  
> I tried creating a "user" group but their is no way to attach a GID to
> that group so there is no way for LDAP or PAM to associate the two.  
>  
> I googled around but none of the solutions worked for me or seemed to
> apply to this situation.
>  
> Thanks for any help!
>  
> Doug
<snip>
> 
Since you were able to set the GID, I assume you added the posixGroup
object class.  You would need to do the same to a group in order to add
a GID, I believe.  As you probably already know, one would do this by
adding a value to objectClass in the advanced properties.

I wonder if it is just a matter of time, in other words, perhaps there
was a group query before the GID was set and nscd cached it.  The
default group cache is 3600 seconds which is why we change it to 600 in
nscd.conf.  I think the command to flush the group cache is nscd -i
group or groups.

Other than that, I'm not sure.  You could enable Access Logging and see
what queries are being made.  I've not found the log screens in
centos_idm-console very helpful and typically just look at the access
file in /var/log/dirsrv/slapd-xxx/.  I do notice there is a substantial
delay between when events occur and when they are written to the log.
Hope this helps - John
-- 
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@xxxxxxxxxxxxxxxxxxx

http://www.spiritualoutreach.com
Making Christianity intelligible to secular society

--
389 users mailing list
389-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users

[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux