このプログラムはnsswitchを尊重しませんか?

このプログラムはnsswitchを尊重しませんか?

UbuntuにLDAPとnsswitchを設定しましたが、ある程度動作しているようです。たとえば、getent passwdLDAPサーバーのアカウントを一覧表示します。/etc/passwd

ただし、たとえば、LDAPサーバーのアカウントは認識されないようですid <user>。このプログラムはnsswitch設定sudo -u <user> bashのみを考慮していますか?私が知っておくべき/etc/passwdプログラムだけを調べる他の(重要な)プログラムがありますか?/etc/passwd

/etc/nsswitch.confのもの:

# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd:         compat ldap
group:          compat ldap
shadow:         compat ldap

hosts:          files ldap mdns4_minimal [NOTFOUND=return] dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

netgroup:       nis

しかし、LDAPはアカウントを認識しているようですが、問題ではgetentないようです。nsswitch

構成に関してはpam、何を探すべきかわかりません。私の目には大丈夫に見えます。grep "^[^#]" *与えられた

accountsservice:password   substack      common-password
accountsservice:password   optional      pam_pin.so
chfn:auth       sufficient  pam_rootok.so
chfn:@include common-auth
chfn:@include common-account
chfn:@include common-session
chpasswd:@include common-password
chsh:auth       required   pam_shells.so
chsh:auth       sufficient  pam_rootok.so
chsh:@include common-auth
chsh:@include common-account
chsh:@include common-session
common-account:account  [success=2 new_authtok_reqd=done default=ignore]    pam_unix.so 
common-account:account  [success=1 default=ignore]  pam_ldap.so 
common-account:account  requisite           pam_deny.so
common-account:account  required            pam_permit.so
common-auth:auth    [success=2 default=ignore]  pam_unix.so nullok_secure
common-auth:auth    [success=1 default=ignore]  pam_ldap.so use_first_pass
common-auth:auth    requisite           pam_deny.so
common-auth:auth    required            pam_permit.so
common-password:password    [success=2 default=ignore]  pam_unix.so obscure sha512
common-password:password    [success=1 user_unknown=ignore default=die] pam_ldap.so try_first_pass
common-password:password    requisite           pam_deny.so
common-password:password    required            pam_permit.so
common-session:session  [default=1]         pam_permit.so
common-session:session  requisite           pam_deny.so
common-session:session  required            pam_permit.so
common-session:session optional         pam_umask.so
common-session:session  required    pam_unix.so 
common-session:session  optional            pam_ldap.so 
common-session:session  optional    pam_systemd.so 
common-session-noninteractive:session   [default=1]         pam_permit.so
common-session-noninteractive:session   requisite           pam_deny.so
common-session-noninteractive:session   required            pam_permit.so
common-session-noninteractive:session optional          pam_umask.so
common-session-noninteractive:session   required    pam_unix.so 
common-session-noninteractive:session   optional            pam_ldap.so 
cron:@include common-auth
cron:session    required     pam_loginuid.so
cron:session       required   pam_env.so
cron:session       required   pam_env.so envfile=/etc/default/locale
cron:@include common-account
cron:@include common-session-noninteractive 
cron:session    required   pam_limits.so
login:auth       optional   pam_faildelay.so  delay=3000000
login:auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so
login:auth       requisite  pam_nologin.so
login:session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close
login:session       required   pam_env.so readenv=1
login:session       required   pam_env.so readenv=1 envfile=/etc/default/locale
login:@include common-auth
login:auth       optional   pam_group.so
login:session    required   pam_limits.so
login:session    optional   pam_lastlog.so
login:session    optional   pam_motd.so  motd=/run/motd.dynamic noupdate
login:session    optional   pam_motd.so
login:session    optional   pam_mail.so standard
login:@include common-account
login:@include common-session
login:@include common-password
login:session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open
newusers:@include common-password
other:@include common-auth
other:@include common-account
other:@include common-password
other:@include common-session
passwd:@include common-password
polkit-1:@include common-auth
polkit-1:@include common-account
polkit-1:@include common-password
polkit-1:session       required   pam_env.so readenv=1 user_readenv=0
polkit-1:session       required   pam_env.so readenv=1 envfile=/etc/default/locale user_readenv=0
polkit-1:@include common-session
ppp:auth    required    pam_nologin.so
ppp:@include common-auth
ppp:@include common-account
ppp:@include common-session
runuser:auth        sufficient  pam_rootok.so
runuser:session     optional    pam_keyinit.so revoke
runuser:session     required    pam_limits.so
runuser:session     required    pam_unix.so
runuser-l:auth      include     runuser
runuser-l:session       optional    pam_keyinit.so force revoke
runuser-l:-session  optional    pam_systemd.so
runuser-l:session       include     runuser
sshd:@include common-auth
sshd:account    required     pam_nologin.so
sshd:@include common-account
sshd:session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so close
sshd:session    required     pam_loginuid.so
sshd:session    optional     pam_keyinit.so force revoke
sshd:@include common-session
sshd:session    optional     pam_motd.so  motd=/run/motd.dynamic
sshd:session    optional     pam_motd.so noupdate
sshd:session    optional     pam_mail.so standard noenv # [1]
sshd:session    required     pam_limits.so
sshd:session    required     pam_env.so # [1]
sshd:session    required     pam_env.so user_readenv=1 envfile=/etc/default/locale
sshd:session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so open
sshd:@include common-password
su:auth       sufficient pam_rootok.so
su:session       required   pam_env.so readenv=1
su:session       required   pam_env.so readenv=1 envfile=/etc/default/locale
su:session    optional   pam_mail.so nopen
su:@include common-auth
su:@include common-account
su:@include common-session
sudo:session    required   pam_env.so readenv=1 user_readenv=0
sudo:session    required   pam_env.so readenv=1 envfile=/etc/default/locale user_readenv=0
sudo:@include common-auth
sudo:@include common-account
sudo:@include common-session-noninteractive
systemd-user:@include common-account
systemd-user:@include common-session-noninteractive
systemd-user:session optional pam_systemd.so

関連情報