Solved

Linux ID command

Posted on 2014-04-11
Last Modified: 2014-04-28
Hello,

I have an LDAP user whose UID value differs between two different servers. Please help me understand why this happens.

[root@esg-dev~]# id lstarn
uid=80279(lstarn) gid=1091(web_dev) groups=1091(web_dev)

[root@linuxconsole ~]# id lstarn
uid=1(bin) gid=1(bin) groups=1(bin)

[root@linuxconsole ~]# grep lstarn /etc/passwd
[root@linuxconsole ~]# grep bin /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin

Both Linux hosts, esg-dev and linuxconsole, are part of LDAP.
Question by:sudhirgoogle
7 Comments
 
LVL 13

Expert Comment

by:Sandy
ID: 39995784
Try

#getent passwd lstarn

This will give you the exact ID which is being populated by LDAP.

TY/SA
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 39997472
Here is the output:

[root@linuxconsole ~]# getent passwd lstarn
bin:$1$tApqDl$5/wR5/6.9YD3l7KeKnoyc1:1:1:bin:/dev/null:/sbin/nologin
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 39997477
This problem occurs only on one particular server, that is, the 'linuxconsole' server; the same ID works fine on other servers.

Output from a working server:
getent passwd lstarn
lstarn:*:80279:1091:Laurence Starn:/home/lstarn:/bin/bash
0
LVL 13

Assisted Solution

by:Sandy
Sandy earned 167 total points
ID: 39997570
Check whether the same ID is already being used by any local user; if yes, then please modify it to something else to make it work properly...

TY/SA
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 333 total points
ID: 39997762
I'd say that something is badly wrong with your authentication configuration.
User logs in as UID1 and automatically is owner of all systems' binary files.
0
 
LVL 1

Author Comment

by:sudhirgoogle
ID: 39998361
The same LDAP ID is not used by local users on the server. Here is the output of /etc/passwd:
cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
netdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bash
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
puppet:x:100:101:Puppet:/var/lib/puppet:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin

Here is the output for the Linux release:
[root@linuxconsole ~]# cat /etc/redhat-release
CentOS release 4.5 (Final)

Here is the output for the LDAP packages installed:
[root@linuxconsole ~]# rpm -qa | grep ldap
nss_ldap-253-16.el4
openldap-2.2.13-12.el4_8.4
openldap-clients-2.2.13-12.el4_8.4
[root@linuxconsole ~]#

Here is the output of the nsswitch.conf file:
[root@linuxconsole ~]# grep -v ^# /etc/nsswitch.conf
passwd:     files ldap
shadow:     files ldap
group:      files ldap
hosts:      files dns
bootparams: files
ethers:     files
netmasks:   files
networks:   files
protocols:  files ldap
rpc:        files
services:   files ldap
netgroup:   files ldap
publickey:  files
aliases:    files
automount:  files ldap


Here is the output of the ldap.conf file:
grep -v ^# /etc/openldap/ldap.conf

URI  ldap://osdc-ldap.abc.com  ldap://osdc-ldap-1.abc.com  ldap://osdc-ldap-2.abc.com
BASE dc=abc,dc=com
TLS_CACERTDIR /etc/openldap/cacerts
HOST ldap://osdc-ldap.abc.com ldap://osdc-ldap-1.abc.com ldap://osdc-ldap-2.abc.com
0
 
LVL 62

Accepted Solution

by:
gheist earned 333 total points
ID: 39998700
It is something in the PAM config that allows LDAP users with low IDs.
/etc/pam.d/* - compare between systems; nobody can blindly tell what is right in your environment.
0
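
The checks suggested in the answers above (look at what `getent passwd` actually returns, and see whether that UID is already taken locally), as an added example that is not part of the original thread. `check_nss_entry`, `run_demo`, the UID floor of 500 and the `SAMPLE_*` lines are assumptions; the sample data is constructed and the hash is a placeholder.

```shell
#!/bin/sh
# Added example, not from the thread: sanity-check one `getent passwd` answer.
# check_nss_entry, run_demo, MIN_DIRECTORY_UID and the SAMPLE_* data are assumptions.
MIN_DIRECTORY_UID=${MIN_DIRECTORY_UID:-500}  # assumed site policy floor for LDAP UIDs

# check_nss_entry <queried-name> <getent-line> <local-passwd-file>
# Prints one finding per line; status 0 = clean, 1 = at least one finding.
# Live use: check_nss_entry lstarn "$(getent passwd lstarn)" /etc/passwd
check_nss_entry() (
    want=$1 line=$2 local_passwd=$3 findings=0
    IFS=: read -r name pw uid gid rest <<EOF
$line
EOF
    case $uid in ''|*[!0-9]*) echo "BAD_ENTRY"; exit 1 ;; esac
    # NSS answered with a different account than the one requested.
    if [ "$name" != "$want" ]; then
        echo "NAME_MISMATCH asked=$want got=$name"; findings=1
    fi
    # A directory account resolved into the system UID range.
    if [ "$uid" -lt "$MIN_DIRECTORY_UID" ]; then
        echo "LOW_UID uid=$uid floor=$MIN_DIRECTORY_UID"; findings=1
    fi
    # The UID already belongs to a different local account.
    owner=$(awk -F: -v u="$uid" '$3 == u { print $1; exit }' "$local_passwd")
    if [ -n "$owner" ] && [ "$owner" != "$want" ]; then
        echo "UID_COLLISION uid=$uid local_owner=$owner"; findings=1
    fi
    # The password field carries a crypt hash instead of a placeholder.
    case $pw in '$'*) echo "HASH_IN_PASSWD_FIELD"; findings=1 ;; esac
    exit "$findings"
)

# Constructed sample data modelled on the thread's output (the hash is a placeholder).
SAMPLE_LOCAL='root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin'
SAMPLE_BAD='bin:$1$PLACEHOLDER$notarealhash:1:1:bin:/dev/null:/sbin/nologin'
SAMPLE_GOOD='lstarn:*:80279:1091:Laurence Starn:/home/lstarn:/bin/bash'

# run_demo <queried-name> <getent-line>: check against the constructed local passwd.
run_demo() {
    tmp=$(mktemp) || return 2
    printf '%s\n' "$SAMPLE_LOCAL" > "$tmp"
    rc=0; check_nss_entry "$1" "$2" "$tmp" || rc=$?
    rm -f "$tmp"
    return "$rc"
}

run_demo lstarn "$SAMPLE_BAD" || true
run_demo lstarn "$SAMPLE_GOOD" && echo "CLEAN lstarn"
```

Run against every directory account on a host, a non-empty result singles out lookups like the one on linuxconsole, where the name asked for and the entry returned disagree.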

Question has a verified solution.