Solved

Linux ID command

Posted on 2014-04-11
7
381 Views
Last Modified: 2014-04-28
Hello,

I have ldap user, the user's UID value differs between two different servers, Please help me to understand why this happens.

[root@esg-dev~]# id lstarn
uid=80279(lstarn) gid=1091(web_dev) groups=1091(web_dev)

[root@linuxconsole ~]# id lstarn
uid=1(bin) gid=1(bin) groups=1(bin)

[root@linuxconsole ~]# grep lstarn /etc/passwd
[root@linuxconsole ~]# grep bin /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin

Both linux host esg-dev and linuxconsole are part of ldap.
0
Comment
Question by:sudhirgoogle
  • 3
  • 2
  • 2
7 Comments
 
LVL 13

Expert Comment

by:Sandy
ID: 39995784
Try

#getent passwd lstarn

This will give you the extact id which is being populated by LDAP

TY/SA
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 39997472
here is the output

[root@linuxconsole ~]# getent passwd lstarn
bin:$1$tApqDl$5/wR5/6.9YD3l7KeKnoyc1:1:1:bin:/dev/null:/sbin/nologin
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 39997477
This problem occurs only on one particular server that is 'linuxconsole" server, same id works fine on other servers.

output from working server.
getent passwd lstarn
lstarn:*:80279:1091:Laurence Starn:/home/lstarn:/bin/bash
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 13

Assisted Solution

by:Sandy
Sandy earned 167 total points
ID: 39997570
Check whether same id being used by any local user already if yes then pls modify it something else to make it work properly...

TY/SA
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 333 total points
ID: 39997762
I'd say that something is badly wrong with your authentication configuration
User logs in as UID1 and automatically is owner of all systems' binary files.
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 39998361
Same LDAP id is not used by local users on the server. here is the output of /etc/passwd
cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
puppet:x:100:101:Puppet:/var/lib/puppet:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
/passwd

here is the output for linux release
[root@linuxconsole ~]# cat /etc/redhat-release
CentOS release 4.5 (Final)

here is the output for ldap packages installed.
[root@linuxconsole ~]# rpm -qa | grep ldap
nss_ldap-253-16.el4
openldap-2.2.13-12.el4_8.4
openldap-clients-2.2.13-12.el4_8.4
[root@linuxconsole ~]#

Here is the output of nsswitch.conf file
[root@linuxconsole ~]# grep -v ^# /etc/nsswitch.conf
passwd:     files ldap
shadow:     files ldap
group:      files ldap
hosts:      files dns
bootparams: files
ethers:     files
netmasks:   files
networks:   files
protocols:  files ldap
rpc:        files
services:   files ldap
netgroup:   files ldap
publickey:  files
aliases:    files
automount:  files ldap


Here is the output of ldap.conf file
grep -v ^# /etc/openldap/ldap.conf

URI  ldap://osdc-ldap.abc.com  ldap://osdc-ldap-1.abc.com  ldap://osdc-ldap-2.abc.com
BASE dc=abc,dc=com
TLS_CACERTDIR /etc/openldap/cacerts
HOST ldap://osdc-ldap.abc.com ldap://osdc-ldap-1.abc.com ldap://osdc-ldap-2.abc.com
0
 
LVL 61

Accepted Solution

by:
gheist earned 333 total points
ID: 39998700
It is something in pam config that it allows ldap users with low IDs
/etc/pam.d/* - compare between systems, nobody can blindly tell what is right in your environment
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now