So in this case, I would assume that the User and Group directive implied in httpd.conf would be what's in play

$ egrep 'User|Group' httpd.conf
User wasadmin
Group was

but as you can see the id has that group as it's primary group

$ id
uid=1209(wasadmin) gid=1209(was) groups=1209(was),1230(abcadmin),1231(enetstaf),2209(ibmcmgrp)


/* -----------------------------
Will Darton

I.T. Operations
Information Services
Navy Federal Credit Union
wk 703.255.8639
cell: 703.232.2344
will_darton@navyfederal.org

*/



From:        Dmitri Pal <dpal@redhat.com>
To:        <sssd-users@lists.fedorahosted.org>,
Date:        05/23/2013 10:59 AM
Subject:        Re: [SSSD-users] IBM IHS Apache and SSSD
Sent by:        <sssd-users-bounces@lists.fedorahosted.org>




On 05/23/2013 10:55 AM, Will_Darton@navyfederal.org wrote:
This is straight from the command line. no daemons or init.d services in play here

# su - wasadmin

$ id

uid=1209(wasadmin) gid=1209(was) groups=1209(was),1230(abcadmin),1231(enetstaf),2209(ibmcmgrp)

$ getent passwd wasadmin

wasadmin:*:1209:1209:WebSphere admin:/home/wasadmin:/bin/ksh

$ id

$ pwd

$  . /opt/ihs/70/bin/envvars

$ /opt/ihs/70/bin/httpd -d /opt/ihs/70 -k start

httpd: bad user name wasadmin



Can it be related to some groups?
Can it be that apache expects the user to be a member of a group which he is not in this case?

/* -----------------------------
Will Darton

I.T. Operations
Information Services
Navy Federal Credit Union
wk 703.255.8639
cell: 703.232.2344

will_darton@navyfederal.org
*/




From:        
Jakub Hrozek <jhrozek@redhat.com>
To:        
<sssd-users@lists.fedorahosted.org>,
Date:        
05/23/2013 10:51 AM
Subject:        
Re: [SSSD-users] IBM IHS Apache and SSSD
Sent by:        
<sssd-users-bounces@lists.fedorahosted.org>




On Thu, May 23, 2013 at 10:32:21AM -0400,
Will_Darton@navyfederal.org wrote:
>    Does anyone have any experience with using IBM IHS Apache and sssd
>    together?  
>    I've got some RHEL6.4 servers that need to use IBM IHS for apache.
>
>    The 'User <user>' in the httpd.conf file is set to a userid that is
>    present in LDAP ( via sssd) and can be su - <userid> without any issue,
>    but httpd will not start, and kicks back
>
>    httpd: <user> is not a valid user.
>
>    I would think Apache would use nss to get this information, but I can't
>    find any errors in the sssd_nss logs to indicate a problem.
>
>    Thoughts?

This might actually be similar to another issue on this list -- do you
know if apache start before or after SSSD ?
_______________________________________________
sssd-users mailing list

sssd-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users




_______________________________________________
sssd-users mailing list
sssd-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users



--
Thank you,
Dmitri Pal

Sr. Engineering Manager for IdM portfolio
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/


_______________________________________________
sssd-users mailing list
sssd-users@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users