Solved

Linux ID command

Posted on 2014-04-11
Last Modified: 2014-04-28
Hello,

I have an LDAP user whose UID value differs between two different servers. Please help me understand why this happens.

[root@esg-dev~]# id lstarn
uid=80279(lstarn) gid=1091(web_dev) groups=1091(web_dev)

[root@linuxconsole ~]# id lstarn
uid=1(bin) gid=1(bin) groups=1(bin)

[root@linuxconsole ~]# grep lstarn /etc/passwd
[root@linuxconsole ~]# grep bin /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin

Both Linux hosts, esg-dev and linuxconsole, are part of LDAP.
0
Question by:sudhirgoogle
7 Comments
 
LVL 13

Expert Comment

by:Sandy
ID: 39995784
Try

#getent passwd lstarn

This will give you the exact ID which is being populated by LDAP.

TY/SA
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 39997472
Here is the output:

[root@linuxconsole ~]# getent passwd lstarn
bin:$1$tApqDl$5/wR5/6.9YD3l7KeKnoyc1:1:1:bin:/dev/null:/sbin/nologin
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 39997477
This problem occurs only on one particular server, the 'linuxconsole' server; the same ID works fine on other servers.

Output from a working server:
getent passwd lstarn
lstarn:*:80279:1091:Laurence Starn:/home/lstarn:/bin/bash
0
 
LVL 13

Assisted Solution

by:Sandy
Sandy earned 167 total points
ID: 39997570
Check whether the same ID is already being used by a local user; if yes, then please modify it to something else to make it work properly...

TY/SA
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 333 total points
ID: 39997762
I'd say that something is badly wrong with your authentication configuration.
The user logs in as UID 1 and is automatically the owner of all the system's binary files.
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 39998361
The same LDAP ID is not used by local users on the server. Here is the output of /etc/passwd:
cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
puppet:x:100:101:Puppet:/var/lib/puppet:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin

Here is the output for the Linux release:
[root@linuxconsole ~]# cat /etc/redhat-release
CentOS release 4.5 (Final)

Here is the output for the LDAP packages installed:
[root@linuxconsole ~]# rpm -qa | grep ldap
nss_ldap-253-16.el4
openldap-2.2.13-12.el4_8.4
openldap-clients-2.2.13-12.el4_8.4
[root@linuxconsole ~]#

Here is the output of nsswitch.conf file
[root@linuxconsole ~]# grep -v ^# /etc/nsswitch.conf
passwd:     files ldap
shadow:     files ldap
group:      files ldap
hosts:      files dns
bootparams: files
ethers:     files
netmasks:   files
networks:   files
protocols:  files ldap
rpc:        files
services:   files ldap
netgroup:   files ldap
publickey:  files
aliases:    files
automount:  files ldap


Here is the output of ldap.conf file
grep -v ^# /etc/openldap/ldap.conf

URI  ldap://osdc-ldap.abc.com  ldap://osdc-ldap-1.abc.com  ldap://osdc-ldap-2.abc.com
BASE dc=abc,dc=com
TLS_CACERTDIR /etc/openldap/cacerts
HOST ldap://osdc-ldap.abc.com ldap://osdc-ldap-1.abc.com ldap://osdc-ldap-2.abc.com
0
 
LVL 62

Accepted Solution

by:
gheist earned 333 total points
ID: 39998700
It is something in the PAM config that allows LDAP users with low IDs.
/etc/pam.d/* - compare between systems; nobody can blindly tell what is right in your environment.
0
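
The checks suggested in this thread (look at what getent returns, look for a local account on the same UID, watch for directory users with low IDs) can be combined into one test. This is an added example, not part of any post above; the function name check_entry and the MIN_UID threshold of 500 are assumptions of the example, and the sample lines are constructed from the output quoted in the thread with the password field replaced.

```shell
#!/bin/sh
# Added example: sanity-check the passwd entry NSS returns for a login name.
# MIN_UID is an assumption: the lowest UID a directory account should have.
MIN_UID=${MIN_UID:-500}

# check_entry WANTED ENTRY LOCAL_PASSWD
#   WANTED        login name that was looked up
#   ENTRY         passwd-format line returned for it (e.g. by getent)
#   LOCAL_PASSWD  passwd-format file holding the local accounts
# Prints space-separated findings, or "ok" when nothing is wrong.
check_entry() {
    awk -F: -v wanted="$1" -v entry="$2" -v min="$MIN_UID" '
        BEGIN { split(entry, e, ":"); name = e[1]; uid = e[3] }
        # A local account under another name already holds the returned UID.
        $3 == uid && $1 != wanted { owner = $1 }
        END {
            out = ""
            if (name != wanted)     out = out " name-mismatch"
            if (uid + 0 < min + 0)  out = out " low-uid"
            if (owner != "")        out = out " uid-owned-by-local:" owner
            if (out == "")          out = " ok"
            print substr(out, 2)
        }' "$3"
}

# Constructed sample data modelled on the thread (password field set to "x").
SAMPLE_LOCAL=$(mktemp)
cat >"$SAMPLE_LOCAL" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
EOF
BAD='bin:x:1:1:bin:/dev/null:/sbin/nologin'
GOOD='lstarn:*:80279:1091:Laurence Starn:/home/lstarn:/bin/bash'

check_entry lstarn "$BAD"  "$SAMPLE_LOCAL"   # answer seen on linuxconsole
check_entry lstarn "$GOOD" "$SAMPLE_LOCAL"   # answer seen on the working server

# On a live host:
#   check_entry lstarn "$(getent passwd lstarn)" /etc/passwd
```

Any finding other than "ok" means the name resolves to an identity that file ownership and permission checks will treat as a different or privileged account, so it is worth alerting on before the login is used.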
