Here it is. I anonymize it a bit by replacing domain and server names.
admin@machine:~$ sudo -s [sudo] password for admin: root@machine:~# service nslcd stop root@machine:~# nslcd -d nslcd: DEBUG: NSS_LDAP nss-pam-ldapd 0.9.6 nslcd: DEBUG: ldap_set_option(LDAP_OPT_X_TLS_CACERTFILE,"/etc/ssl/certs/ca-certificates.crt") nslcd: DEBUG: CFG: threads 5 nslcd: DEBUG: CFG: uid nslcd nslcd: DEBUG: CFG: gid 132 nslcd: DEBUG: CFG: uri ldap://wsldc1sr01.kaust.edu.sa/ nslcd: DEBUG: CFG: ldap_version 3 nslcd: DEBUG: CFG: base DC=XXXXX,DC=XXX,DC=XX nslcd: DEBUG: CFG: scope sub nslcd: DEBUG: CFG: deref never nslcd: DEBUG: CFG: referrals yes nslcd: DEBUG: CFG: filter aliases (objectClass=nisMailAlias) nslcd: DEBUG: CFG: filter ethers (objectClass=ieee802Device) nslcd: DEBUG: CFG: filter group (objectClass=posixGroup) nslcd: DEBUG: CFG: filter hosts (objectClass=ipHost) nslcd: DEBUG: CFG: filter netgroup (objectClass=nisNetgroup) nslcd: DEBUG: CFG: filter networks (objectClass=ipNetwork) nslcd: DEBUG: CFG: filter passwd (objectClass=posixAccount) nslcd: DEBUG: CFG: filter protocols (objectClass=ipProtocol) nslcd: DEBUG: CFG: filter rpc (objectClass=oncRpc) nslcd: DEBUG: CFG: filter services (objectClass=ipService) nslcd: DEBUG: CFG: filter shadow (objectClass=shadowAccount) nslcd: DEBUG: CFG: map group userPassword "*" nslcd: DEBUG: CFG: map passwd userPassword "*" nslcd: DEBUG: CFG: map passwd gecos "${gecos:-$cn}" nslcd: DEBUG: CFG: map shadow userPassword "*" nslcd: DEBUG: CFG: map shadow shadowLastChange "${shadowLastChange:--1}" nslcd: DEBUG: CFG: map shadow shadowMin "${shadowMin:--1}" nslcd: DEBUG: CFG: map shadow shadowMax "${shadowMax:--1}" nslcd: DEBUG: CFG: map shadow shadowWarning "${shadowWarning:--1}" nslcd: DEBUG: CFG: map shadow shadowInactive "${shadowInactive:--1}" nslcd: DEBUG: CFG: map shadow shadowExpire "${shadowExpire:--1}" nslcd: DEBUG: CFG: map shadow shadowFlag "${shadowFlag:-0}" nslcd: DEBUG: CFG: bind_timelimit 10 nslcd: DEBUG: CFG: timelimit 0 nslcd: DEBUG: CFG: idle_timelimit 0 nslcd: DEBUG: CFG: reconnect_sleeptime 1 nslcd: DEBUG: CFG: reconnect_retrytime 10 nslcd: DEBUG: CFG: ssl off nslcd: DEBUG: CFG: tls_reqcert demand nslcd: DEBUG: CFG: tls_cacertfile /etc/ssl/certs/ca-certificates.crt nslcd: DEBUG: CFG: pagesize 0 nslcd: DEBUG: CFG: nss_min_uid 0 nslcd: DEBUG: CFG: nss_nested_groups no nslcd: DEBUG: CFG: nss_getgrent_skipmembers no nslcd: DEBUG: CFG: nss_disable_enumeration no nslcd: DEBUG: CFG: validnames /^[a-z0-9._@$()]([a-z0-9._@$() \~-]*[a-z0-9._@$()~-])?$/i nslcd: DEBUG: CFG: ignorecase no nslcd: DEBUG: CFG: cache dn2uid 15m 15m nslcd: version 0.9.6 starting nslcd: DEBUG: unlink() of /var/run/nslcd/socket failed (ignored): No such file or directory nslcd: DEBUG: initgroups("nslcd",132) done nslcd: DEBUG: setgid(132) done nslcd: DEBUG: setuid(126) done nslcd: accepting connections nslcd: [8b4567] DEBUG: connection from pid=9501 uid=124296 gid=1124296 nslcd: [8b4567] <usermod="kabanod"> DEBUG: nslcd_usermod("kabanod",asuser,"***") nslcd: [8b4567] <usermod="kabanod"> DEBUG: nslcd_usermod(shell="/usr/bin/zsh") nslcd: [8b4567] <usermod="kabanod"> DEBUG: myldap_search(base="DC=XXXXX,DC=XXX,DC=XX", filter="(&(objectClass=posixAccount)(uid=kabanod))") nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_initialize(ldap://servername/) nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_rebind_proc() nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3) nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_option(LDAP_OPT_DEREF,0) nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,0) nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,0) nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,0) nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON) nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON) nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_simple_bind_s(NULL,NULL) (uri="ldap://servername/") nslcd: [8b4567] <usermod="kabanod"> ldap_result() failed: Operations error: 000004DC: LdapErr: DSID-0C0907C2, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580 nslcd: [8b4567] <usermod="kabanod"> DEBUG: "kabanod": user not found: Operations error ^Cnslcd: caught signal SIGINT (2), shutting down nslcd: DEBUG: ldap_unbind() nslcd: version 0.9.6 bailing out
Here it is. I anonymize it a bit by replacing domain and server names.
admin@machine:~$ sudo -s option( LDAP_OPT_ X_TLS_CACERTFIL E,"/etc/ ssl/certs/ ca-certificates .crt") wsldc1sr01. kaust.edu. sa/ DC=XXX, DC=XX nisMailAlias) ieee802Device) posixGroup) ipHost) nisNetgroup) ipNetwork) posixAccount) ipProtocol) oncRpc) ipService) shadowAccount) ange:-- 1}" g:--1}" ve:--1} " :--1}" certs/ca- certificates. crt skipmembers no enumeration no 9._@$() ]([a-z0- 9._@$() \~-]*[a- z0-9._@ $()~-]) ?$/i nslcd/socket failed (ignored): No such file or directory "nslcd" ,132) done "kabanod" ,asuser, "***") shell=" /usr/bin/ zsh") search( base="DC= XXXXX,DC= XXX,DC= XX", filter= "(&(objectClass =posixAccount) (uid=kabanod) )") (ldap:/ /servername/ ) rebind_ proc() option( LDAP_OPT_ PROTOCOL_ VERSION, 3) option( LDAP_OPT_ DEREF,0) option( LDAP_OPT_ TIMELIMIT, 0) option( LDAP_OPT_ TIMEOUT, 0) option( LDAP_OPT_ NETWORK_ TIMEOUT, 0) option( LDAP_OPT_ REFERRALS, LDAP_OPT_ ON) option( LDAP_OPT_ RESTART, LDAP_OPT_ ON) bind_s( NULL,NULL) (uri="ldap: //servername/ ")
[sudo] password for admin:
root@machine:~# service nslcd stop
root@machine:~# nslcd -d
nslcd: DEBUG: NSS_LDAP nss-pam-ldapd 0.9.6
nslcd: DEBUG: ldap_set_
nslcd: DEBUG: CFG: threads 5
nslcd: DEBUG: CFG: uid nslcd
nslcd: DEBUG: CFG: gid 132
nslcd: DEBUG: CFG: uri ldap://
nslcd: DEBUG: CFG: ldap_version 3
nslcd: DEBUG: CFG: base DC=XXXXX,
nslcd: DEBUG: CFG: scope sub
nslcd: DEBUG: CFG: deref never
nslcd: DEBUG: CFG: referrals yes
nslcd: DEBUG: CFG: filter aliases (objectClass=
nslcd: DEBUG: CFG: filter ethers (objectClass=
nslcd: DEBUG: CFG: filter group (objectClass=
nslcd: DEBUG: CFG: filter hosts (objectClass=
nslcd: DEBUG: CFG: filter netgroup (objectClass=
nslcd: DEBUG: CFG: filter networks (objectClass=
nslcd: DEBUG: CFG: filter passwd (objectClass=
nslcd: DEBUG: CFG: filter protocols (objectClass=
nslcd: DEBUG: CFG: filter rpc (objectClass=
nslcd: DEBUG: CFG: filter services (objectClass=
nslcd: DEBUG: CFG: filter shadow (objectClass=
nslcd: DEBUG: CFG: map group userPassword "*"
nslcd: DEBUG: CFG: map passwd userPassword "*"
nslcd: DEBUG: CFG: map passwd gecos "${gecos:-$cn}"
nslcd: DEBUG: CFG: map shadow userPassword "*"
nslcd: DEBUG: CFG: map shadow shadowLastChange "${shadowLastCh
nslcd: DEBUG: CFG: map shadow shadowMin "${shadowMin:--1}"
nslcd: DEBUG: CFG: map shadow shadowMax "${shadowMax:--1}"
nslcd: DEBUG: CFG: map shadow shadowWarning "${shadowWarnin
nslcd: DEBUG: CFG: map shadow shadowInactive "${shadowInacti
nslcd: DEBUG: CFG: map shadow shadowExpire "${shadowExpire
nslcd: DEBUG: CFG: map shadow shadowFlag "${shadowFlag:-0}"
nslcd: DEBUG: CFG: bind_timelimit 10
nslcd: DEBUG: CFG: timelimit 0
nslcd: DEBUG: CFG: idle_timelimit 0
nslcd: DEBUG: CFG: reconnect_sleeptime 1
nslcd: DEBUG: CFG: reconnect_retrytime 10
nslcd: DEBUG: CFG: ssl off
nslcd: DEBUG: CFG: tls_reqcert demand
nslcd: DEBUG: CFG: tls_cacertfile /etc/ssl/
nslcd: DEBUG: CFG: pagesize 0
nslcd: DEBUG: CFG: nss_min_uid 0
nslcd: DEBUG: CFG: nss_nested_groups no
nslcd: DEBUG: CFG: nss_getgrent_
nslcd: DEBUG: CFG: nss_disable_
nslcd: DEBUG: CFG: validnames /^[a-z0-
nslcd: DEBUG: CFG: ignorecase no
nslcd: DEBUG: CFG: cache dn2uid 15m 15m
nslcd: version 0.9.6 starting
nslcd: DEBUG: unlink() of /var/run/
nslcd: DEBUG: initgroups(
nslcd: DEBUG: setgid(132) done
nslcd: DEBUG: setuid(126) done
nslcd: accepting connections
nslcd: [8b4567] DEBUG: connection from pid=9501 uid=124296 gid=1124296
nslcd: [8b4567] <usermod="kabanod"> DEBUG: nslcd_usermod(
nslcd: [8b4567] <usermod="kabanod"> DEBUG: nslcd_usermod(
nslcd: [8b4567] <usermod="kabanod"> DEBUG: myldap_
nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_initialize
nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_
nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_
nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_
nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_
nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_
nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_
nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_
nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_set_
nslcd: [8b4567] <usermod="kabanod"> DEBUG: ldap_simple_
nslcd: [8b4567] <usermod="kabanod"> ldap_result() failed: Operations error: 000004DC: LdapErr: DSID-0C0907C2, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580
nslcd: [8b4567] <usermod="kabanod"> DEBUG: "kabanod": user not found: Operations error
^Cnslcd: caught signal SIGINT (2), shutting down
nslcd: DEBUG: ldap_unbind()
nslcd: version 0.9.6 bailing out