lists.arthurdejong.org
RSS feed

Re: "Genet group" returns empty list of group member

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: "Genet group" returns empty list of group member



On Thu, 2021-11-18 at 19:39 +0000, Zhou, Shouben wrote:
> I have found only nss-pam-ldapd version 0.7.5 works under CentOS 7,
> meaning it will return the list of group member using “getent group”.
> So I have down graded nss-pam-ldapd to 0.7.5 on CentOS 7.
> The default nss-pam-ldapd version cmes with CentOS is 0.8.13

This is most likely related to the switch of how group members are
looked up. Release 0.8.4 switched to using the member attribute instead
of the uniqueMember by default.

To restore the old behaviour you can put this in nslcd.conf:

    map group member uniqueMember

Hope this helps

-- 
-- arthur - arthur@arthurdejong.org - https://arthurdejong.org/ --