[Gllug] Problem with users (authing over Active Directory) not being about to run software, but local users can.

John Edwards john at cornerstonelinux.co.uk
Thu Oct 15 11:48:27 UTC 2009


On Thu, Oct 15, 2009 at 12:23:01AM +0100, JLMS wrote:
> On Wed, Oct 14, 2009 at 12:00 PM, KJS <lists at netzensolutions.com> wrote:
>> Hi Guys,
<snip>
>> Now, they have installed a bit of commercial software on the CentOS
>> server which works fine for all the local users but not the users
>> logging in via Active Directory auth. Note this software does use a gui
>> interface, when asking for support they would only support RHEL (not the
>> clones).
>>
>> Users logging in over Active Directory get the following error:
>>
>> Error id=371530
>>
>> Fatal: Internal system error, cannot recover.
<snip> 
> Those big uid and gid for the second user look suspicious (does
> anybody know what the maximum uid/gid, guaranteed to work with
> everything, are?)

In the old days it used to be a 16 bit unsigned int, so 65535
(2^16 -1). Almost all modern UNIX-like systems now use a 32 bit
signed int, so 2147483647 (2^31 -1).

For more details see the Red Hat FAQ::
	http://kbase.redhat.com/faq/docs/DOC-2848


> Your software may have a hard limit regarding the biggest uid or gid
> that it can deal with. Could you change those for your failing LDAP
> user and try again?

Any application that hard codes 16 bit values without reference
to what the OS actually uses should be shot.

I assume you have paid a fair bit of cash for this piece of
commercial software and that includes some support. So why
not contact them to get it sorted out? They should be able
to test if their application can use 32 bit group IDs and
then fix it if it can't.

The source for CentOS is exactly the same as RedHat, and so
it will behave exactly the same when it meets 32 bit IDs.

The commercial software support team should also be able to
tell you what "Error id=371530" means, because that is probably
from their software and will be the same regardless of OS.


-- 
#---------------------------------------------------------#
|    John Edwards   Email: john at cornerstonelinux.co.uk    |
#---------------------------------------------------------#
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 204 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20091015/74d900ab/attachment.pgp>
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list