[nssldap] problem with groups

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: "Simon Kissane" <Simon.Kissane [at] its.mq.edu.au>
To: <nssldap [at] padl.com>
Subject: [nssldap] problem with groups
Date: Mon, 05 Feb 2007 16:51:47 +1100

Hi

I am using nss_ldap 215 (the SuSE Enterprise 9 RPM), pointing to an
Oracle Internet Directory 10.1.4.0 LDAP on the same host.

Now, according to ethereal, when nss_ldap wants to know which group I
am a member of, rather than doing a search:

(&(objectclass=posixgroup)(uniquemember=cn=skissane,cn=staff,dc=mq,dc=edu,dc=au))

instead it does a search:

(&(objectclass=posixgroup))

Not such a big problem now, but as we get more groups and more users in
them, I am sure it is going to turn into a very big problem.

Anything I can do to fix this?

Thanks
Simon

FYI, my /etc/ldap.conf is:
===================
host    127.0.0.1
base    cn=staff,dc=mq,dc=edu,dc=au
ldap_version    3
binddn <username ommitted>
bindpw  <password ommtted>
pam_login_attribute mqUsername
pam_member_attribute uniquemember
pam_password md5
pam_password_prohibit_message This command will not work!!! Please
visit https://mypassword.mq.edu.au to change your password.
nss_map_attribute       uid mqUsername
ssl     no
pam_filter      objectclass=posixAccount
nss_base_passwd cn=Staff,dc=mq,dc=edu,dc=au
nss_base_shadow cn=Staff,dc=mq,dc=edu,dc=au
nss_base_group  cn=POSIX,dc=mq,dc=edu,dc=au
pam_password    crypt
================


-- 

----------------------------------------------
Simon Kissane
Team Leader, Systems Development
IT Services
Macquarie University 2109
Simon.Kissane@mq.edu.au 
----------------------------------------------

[nssldap] problem with groups, Simon Kissane

Prev by Date: [nssldap] Re: problem with groups
Next by Date: [nssldap] Re: (ITS#4750) libldap initialization of ~/.ldaprc and setuid
Previous by thread: [nssldap] Re: problem with groups
Next by thread: [nssldap] Re: (ITS#4750) libldap initialization of ~/.ldaprc and setuid