[Gllug] Problem with users (authing over Active Directory) not being about to run software, but local users can.
JLMS
jjllmmss at googlemail.com
Wed Oct 14 23:23:01 UTC 2009
On Wed, Oct 14, 2009 at 12:00 PM, KJS <lists at netzensolutions.com> wrote:
> Hi Guys,
>
> I have a CentOS box running with Active Directory Authentication via
> winbind and that is working fine.
>
> When users login for the first time their home dir's are created in
> /home/%DOMAIN%/ which is also working fine.
>
> Now, they have installed a bit of commercial software on the CentOS
> server which works fine for all the local users but not the users
> logging in via Active Directory auth. Note this software does use a gui
> interface, when asking for support they would only support RHEL (not the
> clones).
>
> Users logging in over Active Directory get the following error:
>
> Error id=371530
>
> Fatal: Internal system error, cannot recover.
>
> Release = 'C-2009.06-1' Architecture = 'linux' Program = 'DVE'
>
> '164492884 142997729 164493463 -6912 -6273988 164440005 164565674
> 164214114 142860386 142254224 141374259 1732236'
>
>
> Now the difference between the two users account's are:
>
> Local User (who is a member of some AD groups):
>
> uid=501(davep) gid=501(davep) groups=501(davep),502(edf),16777216(domain
> users),16777225(subversion),16777226(web workplace
> users),16777220(BUILTIN\users)
>
> Active Directory User:
>
> uid=16777238(kjs) gid=16777216(domain users) groups=16777216(domain
> users),502(edf),16777225(subversion),16777226(web workplace
> users),16777220(BUILTIN\users)
>
>
> So basically I have been sat here trying to work out the difference
> between the two users accounts, I have tested on other accounts also
> with the same results it works on a local account fine, but not on a
> user authenticating via AD.
>
> TIA
>
> KJS
Those big uid and gid for the second user look suspicious (does
anybody know what the maximum uid/gid, guaranteed to work with
everything, are?)
Your software may have a hard limit regarding the biggest uid or gid
that it can deal with. Could you change those for your failing LDAP
user and try again?
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list