|
»
»
« Return to Thread: Active Directory groups causing glibc corrupted double-linked list errors
Active Directory groups causing glibc corrupted double-linked list errors
by Christopher Waltham
::
Rate this Message:
I have a variety of Red Hat Enterprise Linux 4.7 clients, all trying
to connect to a Windows 2003 Server Active Directory environment. 90%
of our clients can connect fine, but the remaining 10% (which all
happen to be members of one group) are having problems. Specifically,
any time they attempt to resolve user or group ID (be it through
looking at files, or simply running id/groups) I am seeing all sorts
of glibc errors. For example:
[root@mailhost ~]# finger aikido
Login: aikido Name: Aikido Club
Directory: /people/others/studorgs/aikido Shell: /bin/tcsh
Never logged in.
[root@mailhost ~]# id aikido
*** glibc detected *** corrupted double-linked list: 0x08cb4e40 ***
uid=10937(aikido) gid=512Aborted
[root@mailhost ~]# groups aikido
*** glibc detected *** corrupted double-linked list: 0x0945fe40 ***
Here what I think is relevant from that machine's /etc/ldap.conf:
nss_base_passwd ou=People,dc=bowdoincollege,dc=edu?sub
nss_base_group ou=Groups,dc=bowdoincollege,dc=edu?sub
nss_map_objectclass posixAccount User
nss_map_attribute uid samAccountName
nss_map_attribute uidNumber msSFU30UidNumber
nss_map_attribute gidNumber msSFU30GidNumber
nss_map_attribute gecos cn
nss_map_attribute homeDirectory bowd-unixhomedir
nss_map_attribute loginShell bowd-unixshell
nss_map_objectclass posixGroup Group
nss_map_attribute cn samAccountName
nss_map_attribute uniqueMember member
As you can see, we are using Microsoft's Services for UNIX. That user
account, aikido, has its primary Active Directory group set to
"studorgs" (i.e., student organizations). That group contains a couple
dozen users, all of whom are exhibiting the same problem as far as I
can see.
Other users, such as myself, appear to work fine:
[root@mailhost ~]# id cwaltham
uid=14771(cwaltham) gid=401(ccenter) groups=401(ccenter),10000(Desktop
Admin),403(library),29998(quikpaytest),30001(quikpayprod),16(sysadmin),
30(gopher),990(optdirect),734(fileradmin),0(root),200(sag_NIS),
742(VMware_Admins),743(aaaatest),744(bbbbtest)
[root@mailhost ~]# groups cwaltham
cwaltham : ccenter Desktop Admin library quikpaytest quikpayprod
sysadmin gopher optdirect fileradmin root sag_NIS VMware_Admins
aaaatest bbbbtest
I've used adsiedit on the Windows 2003 Servers and can't see anything
fishy, but I am by no means an Active Directory expert. Does anyone
have an idea as to where to begin troubleshooting this? I am guessing
that something about the "studorgs" group is fishy; though my obvious
checks (that it shares the same group ID with another group) have so
far proved fruitless.
The Linux server is RHEL4.7 running kernel 2.6.9 and the following
LDAP-related RPMs:
openldap-devel-2.2.13-12.el4
perl-LDAP-0.31-5
python-ldap-2.0.1-2
openldap-2.2.13-12.el4
nss_ldap-253-5.el4
compat-openldap-2.1.30-12.el4
Thanks!
Chris
to connect to a Windows 2003 Server Active Directory environment. 90%
of our clients can connect fine, but the remaining 10% (which all
happen to be members of one group) are having problems. Specifically,
any time they attempt to resolve user or group ID (be it through
looking at files, or simply running id/groups) I am seeing all sorts
of glibc errors. For example:
[root@mailhost ~]# finger aikido
Login: aikido Name: Aikido Club
Directory: /people/others/studorgs/aikido Shell: /bin/tcsh
Never logged in.
[root@mailhost ~]# id aikido
*** glibc detected *** corrupted double-linked list: 0x08cb4e40 ***
uid=10937(aikido) gid=512Aborted
[root@mailhost ~]# groups aikido
*** glibc detected *** corrupted double-linked list: 0x0945fe40 ***
Here what I think is relevant from that machine's /etc/ldap.conf:
nss_base_passwd ou=People,dc=bowdoincollege,dc=edu?sub
nss_base_group ou=Groups,dc=bowdoincollege,dc=edu?sub
nss_map_objectclass posixAccount User
nss_map_attribute uid samAccountName
nss_map_attribute uidNumber msSFU30UidNumber
nss_map_attribute gidNumber msSFU30GidNumber
nss_map_attribute gecos cn
nss_map_attribute homeDirectory bowd-unixhomedir
nss_map_attribute loginShell bowd-unixshell
nss_map_objectclass posixGroup Group
nss_map_attribute cn samAccountName
nss_map_attribute uniqueMember member
As you can see, we are using Microsoft's Services for UNIX. That user
account, aikido, has its primary Active Directory group set to
"studorgs" (i.e., student organizations). That group contains a couple
dozen users, all of whom are exhibiting the same problem as far as I
can see.
Other users, such as myself, appear to work fine:
[root@mailhost ~]# id cwaltham
uid=14771(cwaltham) gid=401(ccenter) groups=401(ccenter),10000(Desktop
Admin),403(library),29998(quikpaytest),30001(quikpayprod),16(sysadmin),
30(gopher),990(optdirect),734(fileradmin),0(root),200(sag_NIS),
742(VMware_Admins),743(aaaatest),744(bbbbtest)
[root@mailhost ~]# groups cwaltham
cwaltham : ccenter Desktop Admin library quikpaytest quikpayprod
sysadmin gopher optdirect fileradmin root sag_NIS VMware_Admins
aaaatest bbbbtest
I've used adsiedit on the Windows 2003 Servers and can't see anything
fishy, but I am by no means an Active Directory expert. Does anyone
have an idea as to where to begin troubleshooting this? I am guessing
that something about the "studorgs" group is fishy; though my obvious
checks (that it shares the same group ID with another group) have so
far proved fruitless.
The Linux server is RHEL4.7 running kernel 2.6.9 and the following
LDAP-related RPMs:
openldap-devel-2.2.13-12.el4
perl-LDAP-0.31-5
python-ldap-2.0.1-2
openldap-2.2.13-12.el4
nss_ldap-253-5.el4
compat-openldap-2.1.30-12.el4
Thanks!
Chris
« Return to Thread: Active Directory groups causing glibc corrupted double-linked list errors
| Free embeddable forum powered by Nabble | Forum Help |
