strange behaviour of sssd

Eric Doutreleau Eric.Doutreleau at it-sudparis.eu
Wed Jun 23 13:45:39 UTC 2010


I'm trying to set up sssd 1.2 on our network and I have strange behaviour 
with it.

Here is my config:

[sssd]
config_file_version = 2

reconnection_retries = 3

sbus_timeout = 30
services = nss, pam

domains = default
[nss]
filter_groups = root
filter_users = root
reconnection_retries = 3

[pam]
reconnection_retries = 3

[domain/default]

ldap_id_use_start_tls = False
ldap_tls_reqcert = never
cache_credentials = True
ldap_search_base = dc=int-evry,dc=fr
ldap_user_search_base = ou=People,dc=int-evry,dc=fr
ldap_group_search_base = ou=Group,ou=System,dc=int-evry,dc=fr
chpass_provider = none
id_provider = ldap
auth_provider = ldap
debug_level = 9
min_id = 1
ldap_uri = ldap://ldapdev.int-evry.fr/
ldap_schema = rfc2307
access_provider = ldap
ldap_access_filter = IntEPersInetServ=*unix-int*
ldap_default_bind_dn = cn=mcibind,ou=System,dc=int-evry,dc=fr
ldap_default_authtok_type = password
ldap_default_authtok = xxxxxx
enumerate = True
create_homedir = False

But when I connect to the machine I get the following message:
ssh doutrele@b008-07
Last login: Wed Jun 23 15:21:10 2010 from 157.159.21.133
id: cannot find name for user ID 14517
id: cannot find name for group ID 145
id: cannot find name for user ID 14517
$ id
uid=14517 gid=145 groupes=145,146,160,401,1000000,1000008
$ id doutrele
id: doutrele : No such user
If I run ldapsearch I can access the value:

ldapsearch -x uidNumber=14517 -b dc=int-evry,dc=fr -h ldapdev.int-evry.fr -D cn=mcibind,ou=system,dc=int-evry,dc=fr -W uid cn gidNumber uidNumber Gecos
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <dc=int-evry,dc=fr> with scope subtree
# filter: uidNumber=14517
# requesting: uid cn gidNumber uidNumber Gecos
#

# doutrele, People, int-evry.fr
dn: uid=doutrele,ou=People,dc=int-evry,dc=fr
uidNumber: 14517
gidNumber: 145
uid: doutrele
gecos: Eric DOUTRELEAU
cn: Eric DOUTRELEAU

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

It looks like a problem with access to the data, but I can't see where the 
problem is.
Is there a way to see what is in the local cache?
