On 3/26/2011 8:37 AM, rammie2 wrote:
>
> Hi,
>
> We are using nss_ldap for authenticating users registered in an LDAP server
> (Open LDAP, Active Directory). After adding 8 principals (/etc/ldap.conf),
> none of the users registered in the /etc/ldap.conf file are able to login.

Principals? Principals are not added to /etc/ldap.conf. Or do you mean RDN?
The LDAP API references an LDAP object by its distinguished name (DN).
A DN is a sequence of relative distinguished names (RDN) connected by commas.
An RDN is an attribute with an associated value in the form attribute=value;
normally expressed in a UTF-8 string format. The following table lists typical
RDN attribute types.
>
> nss_base_passwd
> OU=engg,DC=mycompany,DC=region,DC=someplace,DC=myarea,DC=compname,DC=parentcompname
> nss_base_shadow
> OU=engg,DC=mycompany,DC=region,DC=someplace,DC=myarea,DC=compname,DC=parentcompname
> nss_base_group
> OU=engg,DC=mycompany,DC=region,DC=someplace,DC=myarea,DC=compname,DC=parentcompname
>
Have you tried using something like:
base DC=someplace,DC=myarea,DC=compname,DC=parentcompname
nss_base_passwd OU=engg,DC=mycompany,DC=region,
nss_base_shadow OU=engg,DC=mycompany,DC=region,
nss_base_group OU=engg,DC=mycompany,DC=region,
Don't know if it will help or not.
>
> Can you please share the reason for this 7 limitation in the nss_ldap
> library, or how I can fix this issue. I am looking for the header file in
> the source files which has this constant or limitation defined.
>
> Tried googling, but it appears that no one has encountered this issue. Some
> customers of our product are running into this issue and it has become a
> severity 1 issue to fix. Appreciate any help on this.
>
> Thanks
> Ramakanth
--
Douglas E. Engert <DEEngert@...>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
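
The layout suggested in the reply above relies on nss_ldap's documented handling of an `nss_base_*` value that ends with a comma: the `base` value is appended to it. As an added example (not part of the original message and not nss_ldap's own code), this sketch resolves the effective search bases from such a file; the function names and the simplified parser are assumptions, and the sample configuration is constructed from the lines in the reply.

```python
"""Resolve effective nss_ldap search bases from ldap.conf-style text (illustrative)."""

# Constructed sample: the layout suggested in the reply above.
SAMPLE_CONF = """\
# constructed sample, not a real deployment
base DC=someplace,DC=myarea,DC=compname,DC=parentcompname
nss_base_passwd OU=engg,DC=mycompany,DC=region,
nss_base_shadow OU=engg,DC=mycompany,DC=region,
nss_base_group OU=engg,DC=mycompany,DC=region,
"""


def split_rdns(dn):
    """Split a DN into its RDNs on commas that are not backslash-escaped."""
    rdns, cur, escaped = [], [], False
    for ch in dn:
        if ch == "," and not escaped:
            rdns.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
        escaped = (ch == "\\") and not escaped
    rdns.append("".join(cur).strip())
    return [r for r in rdns if r]


def resolve_search_bases(conf_text):
    """Return {map_name: [effective descriptor, ...]} for every nss_base_* line."""
    base, entries = None, []
    for raw in conf_text.splitlines():
        parts = raw.split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue  # blank line, comment, or keyword without a value
        key, value = parts[0].lower(), parts[1].strip()
        if key == "base":
            base = value
        elif key.startswith("nss_base_"):
            entries.append((key[len("nss_base_"):], value))
    resolved = {}
    for name, value in entries:
        dn, sep, rest = value.partition("?")  # descriptor form: base?scope?filter
        if dn.endswith(","):  # relative entry: the default base is appended
            if base is None:
                raise ValueError("nss_base_%s is relative but no base is set" % name)
            dn += base
        resolved.setdefault(name, []).append(dn + sep + rest)
    return resolved
```

Comparing the resolved DNs with the ones in the original question shows that both layouts search the same subtree; only the way the DN is written in the file differs.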