Solved

Linux ID command

Posted on 2014-04-11
Last Modified: 2014-04-28
Hello,

I have an LDAP user whose UID value differs between two different servers. Please help me understand why this happens.

[root@esg-dev~]# id lstarn
uid=80279(lstarn) gid=1091(web_dev) groups=1091(web_dev)

[root@linuxconsole ~]# id lstarn
uid=1(bin) gid=1(bin) groups=1(bin)

[root@linuxconsole ~]# grep lstarn /etc/passwd
[root@linuxconsole ~]# grep bin /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin

Both Linux hosts, esg-dev and linuxconsole, are part of LDAP.
0
Question by:sudhirgoogle
7 Comments
 
LVL 13

Expert Comment

by:Sandy
ID: 39995784
Try

#getent passwd lstarn

This will give you the exact ID which is being populated by LDAP.

TY/SA
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 39997472
Here is the output:

[root@linuxconsole ~]# getent passwd lstarn
bin:$1$tApqDl$5/wR5/6.9YD3l7KeKnoyc1:1:1:bin:/dev/null:/sbin/nologin
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 39997477
This problem occurs only on one particular server, that is, the 'linuxconsole' server; the same ID works fine on other servers.

Output from a working server:
getent passwd lstarn
lstarn:*:80279:1091:Laurence Starn:/home/lstarn:/bin/bash
0
 
LVL 13

Assisted Solution

by:Sandy
Sandy earned 668 total points
ID: 39997570
Check whether the same ID is already being used by any local user; if yes, then please modify it to something else to make it work properly...

TY/SA
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 1332 total points
ID: 39997762
I'd say that something is badly wrong with your authentication configuration.
The user logs in as UID 1 and automatically is the owner of all the system's binary files.
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 39998361
The same LDAP ID is not used by local users on the server. Here is the output of /etc/passwd:
cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
puppet:x:100:101:Puppet:/var/lib/puppet:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
/passwd

Here is the output for the Linux release:
[root@linuxconsole ~]# cat /etc/redhat-release
CentOS release 4.5 (Final)

Here is the output for the LDAP packages installed:
[root@linuxconsole ~]# rpm -qa | grep ldap
nss_ldap-253-16.el4
openldap-2.2.13-12.el4_8.4
openldap-clients-2.2.13-12.el4_8.4
[root@linuxconsole ~]#

Here is the output of nsswitch.conf file
[root@linuxconsole ~]# grep -v ^# /etc/nsswitch.conf
passwd:     files ldap
shadow:     files ldap
group:      files ldap
hosts:      files dns
bootparams: files
ethers:     files
netmasks:   files
networks:   files
protocols:  files ldap
rpc:        files
services:   files ldap
netgroup:   files ldap
publickey:  files
aliases:    files
automount:  files ldap


Here is the output of ldap.conf file
grep -v ^# /etc/openldap/ldap.conf

URI  ldap://osdc-ldap.abc.com  ldap://osdc-ldap-1.abc.com  ldap://osdc-ldap-2.abc.com
BASE dc=abc,dc=com
TLS_CACERTDIR /etc/openldap/cacerts
HOST ldap://osdc-ldap.abc.com ldap://osdc-ldap-1.abc.com ldap://osdc-ldap-2.abc.com
0
 
LVL 62

Accepted Solution

by:
gheist earned 1332 total points
ID: 39998700
It is something in the PAM config that allows LDAP users with low IDs.
/etc/pam.d/* - compare between systems; nobody can blindly tell what is right in your environment.
0
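
The two getent results posted in this thread can be checked mechanically. The following is an added example, not code from any post above: a shell function (hypothetical name check_passwd_entry) that takes the login that was looked up and the passwd line that came back, and flags a login-name mismatch, a UID in the system range, and a password hash visible in the world-readable passwd field. The sample lines reuse the field values shown in the thread with a constructed placeholder in place of the hash; the cutoff of 500 for system UIDs is an assumption about this host.

```shell
#!/bin/sh
# Added example: sanity-check one line returned by `getent passwd NAME`.
# Usage: check_passwd_entry NAME LINE [MIN_UID]
# Prints one finding per line; returns 0 when the entry is clean, 1 otherwise.
check_passwd_entry() {
    want=$1
    min_uid=${3:-500}   # assumption: first non-system UID on this host
    # Split the passwd(5) line into its seven colon-separated fields.
    IFS=: read -r name pw uid gid gecos home shell <<EOF
$2
EOF
    rc=0
    # The entry returned must describe the login that was asked for.
    if [ "$name" != "$want" ]; then
        echo "NAME_MISMATCH: asked for '$want', directory returned '$name'"
        rc=1
    fi
    # A directory-sourced account must not land in the system UID range.
    case $uid in
        ''|*[!0-9]*)
            echo "BAD_UID: '$uid' is not numeric"
            rc=1 ;;
        *)
            if [ "$uid" -lt "$min_uid" ]; then
                echo "SYSTEM_UID: uid $uid is below $min_uid"
                rc=1
            fi ;;
    esac
    # crypt(3) hashes start with '$'; they do not belong in the passwd field.
    # The hash itself is deliberately not echoed.
    case $pw in
        \$*)
            echo "HASH_EXPOSED: password field carries a crypt hash"
            rc=1 ;;
    esac
    return $rc
}

# Constructed samples modelled on the thread's output (hash is a placeholder).
GOOD='lstarn:*:80279:1091:Laurence Starn:/home/lstarn:/bin/bash'
BAD='bin:$1$EXAMPLE$CONSTRUCTEDPLACEHOLDER:1:1:bin:/dev/null:/sbin/nologin'

check_passwd_entry lstarn "$GOOD" && echo "esg-dev sample: entry is consistent"
check_passwd_entry lstarn "$BAD"  || echo "linuxconsole sample: entry rejected"
```

On a live host the second argument would be "$(getent passwd lstarn)", run on each server and compared.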


Question has a verified solution.
