Subject: Re: nsswitch and libnss_winbind
To: Robby Griffin <firstname.lastname@example.org>
From: Sarton O'Brien <email@example.com>
Date: 05/30/2007 09:49:11
On Wed, 30 May 2007 12:29:42 am Robby Griffin wrote:
> From experience with nss_ldap, I'd point out that the library will
> need to be found at /usr/lib/nss_foo.so.0, where foo is what you put
> in nsswitch.conf -- you can probably ktruss your test program and
> watch it try to dlopen this location. The library version number =3D=3D 0
> was not optional when I did this in NetBSD 3.1.
This was my first assumption as I use nss_ldap quite a bit for virtual=20
As mentioned I tried copying and linking but no joy.
I found an archive from way back stating that libnss_winbind was not suppor=
and that the nss_ldap library had been modified for NetBSD but the=20
pam_winbind library should still allow authentication if you modify your=20
I thought seeing as the article was quite old that this may have changed.
> Make sure your test program is something dynamically linked. I
> happened to make the mistake of deciding on "echo ~user" in tcsh, but
> then running a static tcsh on the box I was setting up. In that case
> dynamic loading of arbitrary nss modules just doesn't happen.
=46rom my understanding I should at least receive debug from winbindd once=
libnss_winbind has been accessed for retrieving the group listing from the=
DC. So far I get nothing at all. It seems the library is not in the right=20
spot, linked correctly or is just not being used.
As the program I am using to test merely uses nsswitch I wouldn't know wher=
to look for any calls possibly being made to the required library.
I guess the answer I am looking for is a firm 'yes this facility works, I h=
it set like this' :) ... or a 'no it's not supported' would suffice.
Thanks for your help.