Re: Lack of groups sync

To: John Miller <jmiller@thecsl.org>
Cc: debian-isp@lists.debian.org
Subject: Re: Lack of groups sync
From: John Miller <jmiller@thecsl.org>
Date: Tue, 01 Nov 2005 23:32:41 -0500
Message-id: <[🔎] 43684169.1080306@thecsl.org>
In-reply-to: <[🔎] 43679C87.5000100@thecsl.org>
References: <[🔎] 43679C87.5000100@thecsl.org>

Solved this one myself.

Turns out that the scripts we were using to generate new LDAP users were
not doing so according to our schema.  Moral: make sure that your
database is self-consistent!

John

John Miller wrote:

>Hello all,
>
>Recently we migrated our web/NFS server to LDAP from /etc/passwd &
>/etc/group.  Ever since the migration, in which we performed a mass
>purge of usernames, my boss's list of groups has been out of sync with
>the rest of the usernames on the server.  For example:
>
>me@webserver: id <boss>
>
>returns my boss's full list of groups.
>
>Similarly,
>
>otheruser@webserver: id <boss>
>
>returns the proper list of groups as well.  In this case, I've tried
>root and several non-privileged users for "otheruser" -- all give the
>correct list of groups.
>
>However,
>
>boss@webserver: id
>
>does not return the correct list of groups.  Furthermore, 'getent group'
>returns the proper list of groups, regardless of who runs it.
>
>Can someone advise me on this?  It's not a good idea for my boss to edit
>web files as root....
>
>Addl info: we're running nscd, which I have restarted on numerous occasions.
>
>Thanks!
>John
>
>
>  
>

Reply to:

References:
- Lack of groups sync
  - From: John Miller <jmiller@thecsl.org>

Prev by Date: Re: bind over MySQL
Next by Date: Re: megaraid and 2.6 kernel
Previous by thread: Lack of groups sync
Next by thread: bind over MySQL
Index(es):
- Date
- Thread