OpenSSH public key problem with Solaris 10 and LDAP users?

Alexander Skwar listen at alexander.skwar.name
Wed Aug 15 18:24:29 EST 2007


Jefferson Ogata <Jefferson.Ogata at noaa.gov> wrote:

> On 2007-08-15 06:52, Alexander Skwar wrote:
>> I doubt that. In LDAP, there's no difference between the non-working
>> users and the working users. At least not, as far as I can tell.
> 
> Are you sure you're dumping all the attributes?

No. But I'm sure that I'm importing all the attributes :) As
written elsewhere in this thread - initially, I filled the
database with the help of PADL MigrationTools. This converted
/etc/passwd to ldif format. I then ran ldapadd to add the ldif
file to the LDAP database.

That's what I did this time as well for the testing user.

> Many LDAP servers don't 
> dump certain attributes by default. Safest bet is to compare an actual
> dump export from the LDAP server, rather than the result of running
> ldapsearch.

You mean that I should compare the output of slapcat? You're
right. And I did that. No difference.

,----[ differences between user entries, diff -u ]
| --- askwar.ldif Mit Aug 15 10:17:54 2007
| +++ testing.ldif        Mit Aug 15 10:18:09 2007
| @@ -1,9 +1,9 @@
| -dn: uid=askwar,ou=People,ou=RACE,o=Example
| -uid: askwar
| -cn: Alexander Skwar
| +dn: uid=testing,ou=People,ou=RACE,o=Example
| +uid: testing
| +cn: Testing User
|  roomNumber: alexander.skwar at Exampleauto.com
| -givenName: Alexander
| -sn: Skwar
| +givenName: Testing
| +sn: User
|  mail: askwar at win.ch.da.rtr
|  mailRoutingAddress: askwar at mail1.Exampleauto.com
|  mailHost: mail1.Exampleauto.com
| @@ -19,17 +19,17 @@
|  shadowLastChange: 13503
|  loginShell: /opt/csw/bin/bash
|  gidNumber: 10
| -homeDirectory: /export/home/askwar
| +homeDirectory: /tmp/testing
|  gecos: Alexander Skwar,alexander.skwar at Exampleauto.com
| -structuralObjectClass: inetOrgPerson
| -entryUUID: 731c4ae2-76e2-102b-929e-898e4be004d5
| -creatorsName: cn=Admin,ou=RACE,o=Example
| -createTimestamp: 20070404102443Z
|  host: winnb000488
|  host: winnb000488.win.ch.da.rtr
|  host: winds06
|  host: winds06.win.ch.da.rtr
| -uidNumber: 10001
| -entryCSN: 20070412121522Z#000000#00#000000
| +uidNumber: 54321
| +structuralObjectClass: inetOrgPerson
| +entryUUID: 7634ba72-df45-102b-981d-216a382f8806
| +creatorsName: cn=Admin,ou=RACE,o=Example
| +createTimestamp: 20070815063530Z
| +entryCSN: 20070815063530Z#000000#00#000000
|  modifiersName: cn=Admin,ou=RACE,o=Example
| -modifyTimestamp: 20070412121522Z
| +modifyTimestamp: 20070815063530Z
`----
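
Review bot: in the second hunk, homeDirectory (/export/home/askwar vs /tmp/testing) and uidNumber (10001 vs 54321) are the two changed attributes that sshd itself consumes during public key authentication, so they deserve a closer look than the other lines. The default AuthorizedKeysFile is resolved relative to the user's home directory, and with StrictModes enabled sshd checks the ownership and modes of the user's files and home directory. It is worth checking that /tmp/testing and its .ssh/authorized_keys exist on the Solaris host with ownership matching uid 54321 and without group or world write permission. The other changed lines in this hunk (entryUUID, createTimestamp, entryCSN, modifyTimestamp) are server-maintained values.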

No relevant differences :/ "askwar" is the working user, "testing"
is the non-working user.

Thanks again,
Alexander Skwar
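
The comparison discussed in this message, as an added example that is not part of the original post: a small Python script that compares two slapcat-style entries while ignoring attribute order and the server-maintained attributes that make up most of the diff above. The function names and the shortened sample entries are constructed for illustration.

```python
import base64
from collections import Counter
# Server-maintained attributes: they differ for every entry and are only noise here.
OPERATIONAL = {"structuralobjectclass", "entryuuid", "creatorsname",
               "createtimestamp", "entrycsn", "modifiersname", "modifytimestamp"}

def parse_entry(ldif):
    """Return a Counter of (attribute, value) pairs for one LDIF entry."""
    lines = []
    for raw in ldif.splitlines():
        if raw.startswith(" ") and lines:        # folded continuation line
            lines[-1] += raw[1:]
        elif raw.strip() and not raw.startswith("#"):
            lines.append(raw)
    pairs = Counter()
    for line in lines:
        attr, _, value = line.partition(":")
        if value.startswith(":"):                # "attr:: ..." carries base64 data
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        else:
            value = value.lstrip(" ")
        pairs[(attr.strip().lower(), value)] += 1
    return pairs

def compare(ldif_a, ldif_b, ignore=OPERATIONAL):
    """Map each differing attribute to (values only in a, values only in b)."""
    a, b = parse_entry(ldif_a), parse_entry(ldif_b)
    diff = {}
    for side, pairs in enumerate((a - b, b - a)):
        for attr, value in sorted(pairs.elements()):
            if attr not in ignore:
                diff.setdefault(attr, ([], []))[side].append(value)
    return diff

# Constructed sample entries, shortened from the two users in the post.
WORKING = """dn: uid=askwar,ou=People,ou=RACE,o=Example
homeDirectory: /export/home/askwar
host: winds06
host: winnb000488
uidNumber: 10001
entryCSN: 20070412121522Z#000000#00#000000"""
FAILING = """dn: uid=testing,ou=People,ou=RACE,o=Example
homeDirectory: /tmp/testing
host: winnb000488
host: winds06
uidNumber: 54321
entryCSN: 20070815063530Z#000000#00#000000"""

if __name__ == "__main__":
    print(compare(WORKING, FAILING))
```

Because base64 values are decoded before comparison, a value that slapcat encoded for a trailing space or a non-ASCII character shows up as a difference instead of hiding behind the encoding.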


