Greetings,

I could use some help with a vexing nsd_openldap problem.

I'm working on deploying nsd_openldap and pam_ldap as an authentication
mechanism for IRIX 6.5.28 clients. I have my test clients successfully
bound to the LDAP server through both nsd_openldap and pam_ldap and can
login to the system from the console and over ssh. Everything seems to
work, except for resolving numeric UIDs into usernames i.e. calls to
getpwuid(). Calls to getpwnam() however, work.

% id
uid=1000 gid=1000
% whoami
no login associated with uid 1000

I have the following in my nsd_openldap.conf (names changed to protect
the innocent and others):

[...]
table passwd.byname
{
attribute UID {}
attribute UIDNUMBER {}
attribute GIDNUMBER {}
attribute HOMEDIRECTORY {}
attribute CN {}

function=passwd.byname
filter_lookup="(&(OBJECTCLASS=POSIXACCOUNT)(UID=%s))"
filter_list="(OBJECTCLASS=POSIXACCOUNT)"
format="UID:x:UIDNUMBER:GIDNUMBER:CN:HOMEDIRECTORY:/bin/tcsh"
}

table passwd.byuid
{
attribute UID {}
attribute UIDNUMBER {}
attribute GIDNUMBER {}
attribute HOMEDIRECTORY {}
attribute CN {}

function=passwd.byuid
filter_lookup="(&(OBJECTCLASS=POSIXACCOUNT)(UIDNUMBER=%s))"
format="UID:x:UIDNUMBER:GIDNUMBER:CN:HOMEDIRECTORY:/bin/tcsh"
}
[...]
# A schema object is just a grouping of tables.
schema rfc2307
{
table=passwd.byname
table=passwd.byuid
[...]

I have this line in my nsswitch.conf:
passwd: files openldap

passwd.byname is clearly working. Any ideas why passwd.byuid would not?
Is this a bug, or have I missed something in my configuration? Similar
setups on Linux work fine for me with the same LDAP server.

Thanks,

Brandon

--
Brandon D. Valentine
Senior Systems Administrator
Center for Structural Biology
Vanderbilt University