Hello all, I am having the strangest LDAP issue. We recently migrated a network from a hodgepdge of system accounts to an all LDAP setup, with the exception of a few administrative accounts. All seems to be working well, except for one thing - finger. id returns the expected values, users can log in, mail gets accepted and delivered, everything I can think of to check works fine, except finger.
Even stranger: finger -m $user returns expected results, although finger $user returns 'no such user'. Aha! I said - an indexing problem , or perhaps nscd. Responses coming back too slow for finger. Messed about with different indexing schemes (they are currently this: index gecos,cn,uid pres,eq,sub index homeDirectory,objectClass,loginshell,gidnumber,uidnumber pres,eq for an ldif of: dn: uid=$user,ou=People,dc=ccil,dc=org objectClass: top objectClass: ccilAccount objectClass: posixAccount objectClass: ccilAddress objectClass: ccilWorkAddress objectClass: ccilPerson cn: Some Guy uid: $user uidNumber: 11709 gidNumber: 100 homeDirectory: /home/u/$user l: Smalltown st: PA postalCode: 12345 userPassword:: <secret> loginShell: /bin/bash gecos: Some Guy pppAccess: TRUE emailAccess: TRUE registered: Oct 30 22:23:16 2001 street: 1224 Main St. bday: 01-02-03 telephoneNumber: 215-555-1212 education: College Graduate gender: Blank (names changed to protect the innocent)) Changing indexing options, running slapindex over and over, no help. By accident, I reran finger in my root session that was kept open as an "I hope I don't hose something" backup plan, and it worked. Now I start to think ACL's, nscd permissions, etc, but I see nothing out of the ordinary. We're using a pretty close to stock Debian config for all of this, with some minor tuning for indexing options and cache size, but that's about it. The ACL's are the stock ones, so I really don't know what's falling over here. Anybody have any ideas what to debug next? TIA, -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : [EMAIL PROTECTED] | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
pgp0zCGiSP1sx.pgp
Description: PGP signature
