29
votes
Why am I known as a user?
At a minimum, the hostname of the Active Directory server, a password or key for the connection, and the information that my user has sudo privileges should be configured somewhere on the server. But ...
- 15.2k
13
votes
Why am I known as a user?
You have ldap authentication enabled on your system, so that answers how you are able to log in. There's a central LDAP server against which you're authenticated. That's typical for an AD setup.
At a ...
- 51.5k
4
votes
Accepted
What must be added to nsswitch.conf to show AD users and groups?
As suggested by @Doug O'Neal in a comment, it was necessary to set
enumerate = true
in /etc/sssd/sssd.conf.
Now getent passwd and getent group show all users and groups defined in the AD.
Note ...
- 32.4k
4
votes
Accepted
getent passwd -s sss LOCALUSER shows local user
The option that controls this behavior is buried in sssd.conf(5) on CentOS 7 and Fedora, but not in the online man page.
sssd.conf
[sssd]
enable_files_domain = false
Reference 3 shows that sssd ...
- 436
4
votes
Accepted
How to get list of users with a given group as primary group
I don’t think you can do any better than retrieving each member user’s information:
groupinfo="$(getent group xyz)"
groupinfo="${groupinfo#*:*:}"
gid="${groupinfo%%:*}"
...
- 481k
3
votes
Accepted
Inconsistency between “getent group” and “getent group <groupname>” – why?
@jeff-schaller’s comment got me on the right track: the docker group is defined in the Hesiod database:
$ hesinfo docker group
docker:x:600:
As @jeff-schaller and @stephen-kitt further pointed out, ...
- 235
3
votes
Accepted
Why does getent default to .station if no TLD is specified?
getent hosts does what the hosts line of nsswitch.conf tells it to do. The strace indicates it's sending a unicast DNS query to 192.168.0.100.
You have two hostname resolution services that could use ...
- 114k
3
votes
Accepted
find user name through full name / gecos field?
I have not found a way to search the database, but looking up entries in OpenLDAP directly works for me.
$ ldapsearch -x -h ldap.example.com -ZZ \
-D cn=lookup,dc=example,dc=com -W \
...
- 1,643
3
votes
getent passwd does not return AD users Centos 7 SSSD
Your title says you're using sssd. The default here is to avoid enumerating user accounts as it can be very slow.
getent passwd # lists only local users
getent passwd domain_user # ...
- 128k
2
votes
Accepted
libnss-pgsql2 - getent group fails
Found, that the group-SQL need an additional list of the usernames. Changing the SQLs to
getgrnam = SELECT g.groupname, 'x' AS passwd, g.gid, ARRAY(SELECT p.username FROM passwd_table p INNER ...
- 81
2
votes
find user name through full name / gecos field?
You could use something like the following sed command:
$ SURNAME=Smith
$ getent passwd | sed -n '/'$SURNAME'/s/^\([^:]*\):\([^:]*\):\([^:]*\):\([^:]*\):\([[:alpha:]]\+ '$SURNAME'\):\([^:]*\):\([^:]*\...
- 4,756
2
votes
find user name through full name / gecos field?
You could use awk on the output of getent passwd:
getent passwd | awk -F: '$5 ~ /lastname/ {print $1}'
- 4,729
2
votes
Accepted
Why are there two root and nobody accounts according to "getent passwd"?
The reason for the two entries is that NSS has both passwd and systemd as sources.
You can see this in the /etc/nsswitch.conf file. The final two rows containing root and nobody that are returned by ...
- 12.3k
2
votes
extract user id and 1st inital last name from output
With awk, assuming : and space can be reliably used as field separators:
$ echo 'u12345:John Doe' | awk -F'[: ]' '{print $1 "," tolower(substr($2, 1, 1) $3)}'
u12345,jdoe
- 12.2k
1
vote
Why does getent default to .station if no TLD is specified?
Due to the unrelated issue, I ended up checking /etc/resolv.conf, which is created by NetworkManager on all the distros I use as clients.
According to @Kusalananda 's suggestion, it seems that the ...
- 43
1
vote
extract user id and 1st inital last name from output
With Perl:
perl -lne 'print "$1," . lc $2 . $3 if /^([^:]+):(\w)\S+\s+(\S+)/' file
u12345,jdoe
- 36.7k
1
vote
Accepted
'getent passwd' not showing LDAP users, athough users can log in
The suggestion to delete the sssd cache was indeed correct. However, running
sss_cache -E
did not help. I had to actually delete the relevant files with
rm -rf /var/lib/sss/db/*
- 195
1
vote
Groups from LDAP: "getent" reports membership correctly but missing in output of "id"
With some implementations of LDAP it's necessary not only to define the members of a group but also to define the groups of which a user is a member. (One isn't implied by the other - both ...
- 128k
1
vote
Accepted
User listed in group but not in getent passwd
This might happen when the LDAP database has a PosixGroup foo with attribute memberUid with value jdoe
The user might or might not exist, but the username does exist in the PosixGroup foo
This might ...
- 26
1
vote
Accepted
Linux getent automount?
The following seem to describe configured automount maps in a way that alleviates the need to learn ldap. You might need to be root for it to work.
automount --dumpmaps
- 1,020
Only top scored, non community-wiki answers of a minimum length are eligible