On Thu, Jun 28, 2012 at 12:14 AM, Dumitru Ciobanu <ciobanu [ dot ] dumitru [ at ] gmail [ dot ] com> wrote: > Now going over Stephen's suggestion that users are mapped to the wrong > field, well I'm not sure which field should they be setup to; I > thought the username is the one that matters but I guess I could be > wrong. You need to map the sAMAaccountName on AD to uid. The mappings are in /etc/ldap.conf, or /etc/nslcd.conf depending on which ldap you are using. If you have nslcd running then you are probably using /etc/nslcd.conf. Have a look at look at this gentoo document for configuring ldap.conf http://en.gentoo-wiki.com/wiki/Active_Directory_Authentication_using_LDAP#Attribute_Mapping For nslcd.conf you should be able to slightly tweak the above following this man page: http://arthurdejong.org/nss-pam-ldapd/nslcd.conf.5 One way to see what your usernames look like is the 'getent' command. On most systems this just returns the passwd file. On systems using ldap or nis authentication getent returns the remote users as well. $ getent passwd [user|uid] -- sg