Re: How to fetch all the groups for a user from Active Directory

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: varun mittal <vmittal05 [at] gmail.com>
To: Arthur de Jong <arthur [at] arthurdejong.org>
Cc: nss-pam-ldapd-users [at] lists.arthurdejong.org
Subject: Re: How to fetch all the groups for a user from Active Directory
Date: Mon, 18 Jan 2021 13:52:39 +0530

Thank you Arthur, Mark for the quick responses and for clarifying the doubts.

On Sun, Jan 17, 2021 at 8:45 PM Arthur de Jong <arthur [at] arthurdejong.org> wrote:

On Sun, 2021-01-17 at 18:54 +0530, varun mittal wrote:
> Regarding the 'member' and 'memberUID' attribute. I need not do any
> specific config for that, right?

I think that Active Directory only uses the member attribute to define
group membership.

The memberUid attribute is defined in RFC 2307 and is a more classical
mapping of Unix flat files to an LDAP schema. It has the extra benefit
of allowing references to users defined elsewhere (e.g. you can define
a group in LDAP that has a local user as member).

There should be no need for attribute mapping for group membership in
AD as far as I know.
>

--
-- arthur - arthur [at] arthurdejong.org - https://arthurdejong.org/ --

Re: How to fetch all the groups for a user from Active Directory, (continued)

Prev by Date: Re: How to fetch all the groups for a user from Active Directory
Next by Date: libnss-pam-ldapd: retrieve password information from an LDAP user?
Previous by thread: Re: How to fetch all the groups for a user from Active Directory
Next by thread: libnss-pam-ldapd: retrieve password information from an LDAP user?