MDLog:/sysadmin

The Journal Of A Linux Sysadmin

LDAP: Troubleshooting "I Have No Name!"

| Comments

After performing some security related OS updates, i was receiving from LDAP all sort of strange errors. Like, when you logged on the ldap server as a regular ldap user (not system user) the regular user@host:~$ prompt changed to:

1
I have no name!@host:~$

Running whoami was also giving errors:

1
2
I have no name!@host:~$ whoami
whoami: cannot find name for user ID 2003

and also regular w what showing the following output:

1
2
3
4
I have no name!@host:~$ w
10:14:51 up 109 days, 21:45,  1 user,  load average: 0.92, 1.19, 1.19
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
w: ldap-nss.c:1374: do_init: Assertion 

cfg->ldc_uris[__session.ls_current_uri]!= ((void *)0)’ failed. Aborted “`

Quite ugly, right? Strangely this was working perfectly on all the other systems that were using the LDAP server to authenticate, except as show on the LDAP server itself.

In my case, the issue was caused by the updates setting wrong permissions on /etc/libnss-ldap.conf as read-only for root only (600) and the openldap user was not able to read the file.

If you encounter similar errors you might want to first check if the permissions on /etc/libnss-ldap.conf - on debian (or /etc/ldap.conf on other distros) allow your ldap user to read the file. Hopefully this will help others having the same problem ;-)

Comments