Solved

Linux ID command

Posted on 2014-04-11
Last Modified: 2014-04-28
Hello,

I have an LDAP user; the user's UID value differs between two different servers. Please help me to understand why this happens.

[root@esg-dev~]# id lstarn
uid=80279(lstarn) gid=1091(web_dev) groups=1091(web_dev)

[root@linuxconsole ~]# id lstarn
uid=1(bin) gid=1(bin) groups=1(bin)

[root@linuxconsole ~]# grep lstarn /etc/passwd
[root@linuxconsole ~]# grep bin /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin

Both Linux hosts, esg-dev and linuxconsole, are part of LDAP.
Question by:sudhirgoogle
7 Comments
 

Expert Comment

by:Sandy
ID: 39995784
Try

# getent passwd lstarn

This will give you the exact ID which is being populated by LDAP.

TY/SA

Author Comment

by:sudhirgoogle
ID: 39997472
Here is the output:

[root@linuxconsole ~]# getent passwd lstarn
bin:$1$tApqDl$5/wR5/6.9YD3l7KeKnoyc1:1:1:bin:/dev/null:/sbin/nologin

Author Comment

by:sudhirgoogle
ID: 39997477
This problem occurs only on one particular server, the 'linuxconsole' server; the same ID works fine on other servers.

Output from a working server:
getent passwd lstarn
lstarn:*:80279:1091:Laurence Starn:/home/lstarn:/bin/bash

Assisted Solution

by:Sandy
Sandy earned 167 total points
ID: 39997570
Check whether the same ID is already being used by a local user; if yes, then please modify it to something else to make it work properly...

TY/SA

Assisted Solution

by:gheist
gheist earned 333 total points
ID: 39997762
I'd say that something is badly wrong with your authentication configuration.
User logs in as UID 1 and automatically is owner of all systems' binary files.

Author Comment

by:sudhirgoogle
ID: 39998361
The same LDAP ID is not used by local users on the server. Here is the output of /etc/passwd:
cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
puppet:x:100:101:Puppet:/var/lib/puppet:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin

Here is the output for the Linux release:
[root@linuxconsole ~]# cat /etc/redhat-release
CentOS release 4.5 (Final)

Here is the output for the LDAP packages installed:
[root@linuxconsole ~]# rpm -qa | grep ldap
nss_ldap-253-16.el4
openldap-2.2.13-12.el4_8.4
openldap-clients-2.2.13-12.el4_8.4
[root@linuxconsole ~]#

Here is the output of the nsswitch.conf file:
[root@linuxconsole ~]# grep -v ^# /etc/nsswitch.conf
passwd:     files ldap
shadow:     files ldap
group:      files ldap
hosts:      files dns
bootparams: files
ethers:     files
netmasks:   files
networks:   files
protocols:  files ldap
rpc:        files
services:   files ldap
netgroup:   files ldap
publickey:  files
aliases:    files
automount:  files ldap


Here is the output of the ldap.conf file:
grep -v ^# /etc/openldap/ldap.conf

URI  ldap://osdc-ldap.abc.com  ldap://osdc-ldap-1.abc.com  ldap://osdc-ldap-2.abc.com
BASE dc=abc,dc=com
TLS_CACERTDIR /etc/openldap/cacerts
HOST ldap://osdc-ldap.abc.com ldap://osdc-ldap-1.abc.com ldap://osdc-ldap-2.abc.com

Accepted Solution

by:gheist
gheist earned 333 total points
ID: 39998700
It is something in the PAM config that allows LDAP users with low IDs.
/etc/pam.d/* - compare between systems; nobody can blindly tell what is right in your environment.
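
The symptom in this thread, turned into a repeatable check (an added example, not part of any post above): the function flags an NSS passwd answer whose name differs from the one requested, whose UID is in the system range, whose UID belongs to a different local account, or whose password field carries a hash. `check_entry`, `MIN_UID` (500 is an assumption) and the finding labels are illustrative names; the two sample lines are the thread's getent outputs with the hash replaced by a constructed placeholder.

```shell
#!/bin/sh
# Added example (not from the thread): vet one NSS passwd answer.
# Live use:  check_entry lstarn "$(getent passwd lstarn)" /etc/passwd
MIN_UID=${MIN_UID:-500}   # assumption: first non-system UID on this host

# Sample lines from the thread; the hash is a constructed placeholder.
BAD='bin:$1$PLACEHOLDER$hash:1:1:bin:/dev/null:/sbin/nologin'
GOOD='lstarn:*:80279:1091:Laurence Starn:/home/lstarn:/bin/bash'

# check_entry QUERIED_NAME GETENT_LINE LOCAL_PASSWD_FILE
# Prints one finding per line; status 0 = clean, 1 = at least one finding.
# The body is a subshell, so its variables do not leak into the caller.
check_entry() (
    want=$1 line=$2 local_passwd=$3 rc=0
    if [ -z "$line" ]; then
        echo "NO_ENTRY: $want did not resolve"; exit 1
    fi
    name=$(printf '%s\n' "$line" | cut -d: -f1)
    pw=$(printf '%s\n' "$line" | cut -d: -f2)
    uid=$(printf '%s\n' "$line" | cut -d: -f3)
    case $uid in
        ''|*[!0-9]*) echo "BAD_UID: '$uid' is not numeric"; exit 1 ;;
    esac
    # The directory must answer with the account that was asked for.
    if [ "$name" != "$want" ]; then
        echo "NAME_MISMATCH: asked for $want, got $name"; rc=1
    fi
    # A directory user should never land in the system UID range.
    if [ "$uid" -lt "$MIN_UID" ]; then
        echo "SYSTEM_UID: uid $uid is below $MIN_UID"; rc=1
    fi
    # Does a differently named local account already own this UID?
    owner=$(awk -F: -v u="$uid" -v n="$want" \
        '$3 == u && $1 != n { print $1; exit }' "$local_passwd")
    if [ -n "$owner" ]; then
        echo "UID_COLLISION: uid $uid is local account $owner"; rc=1
    fi
    # Anything but a placeholder means a hash is readable through NSS.
    case $pw in
        x|'*'|'!'*|'') ;;
        *) echo "HASH_EXPOSED: password field carries a hash"; rc=1 ;;
    esac
    exit "$rc"
)
```

Against the thread's two answers, the linuxconsole line produces all four findings and the working server's line produces none.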