Re: [nssldap] uniquemember attribute issue

["Dan Am" <ldap [at] lonx.net>]

Hi Guy,
you need to use "msSFU30posixmember" instead of "memberuid". This does get populated. In this case your nss_ldap needs to be compiled with rfc2307bis support. 
Best 
Dan

PS: If you plan to migrate to R2 in the not too distant future, watch out, there are migration issues.

2008/3/10, Defryn, Guy <G.P.Defryn [at] massey.ac.nz>:

 

Hi,

 

first time poster here and new to everything nssldap.

 

The ldap.conf file on our RHEL boxes have the following entry

 

nss_map_objectclass    posixAccount  User

nss_map_attribute      uid           msSFUName

nss_map_attribute      userPassword  msSFUPassword

nss_map_attribute      homeDirectory msSFUHomeDirectory

 

nss_map_objectclass    posixGroup    Group

nss_map_attribute      cn            msSFUName

nss_map_attribute      uniqueMember  memberUid

 

In  our setup the memberUid in Active directory is not being populated anymore.

Everything is pretty much being automated. When a new user is created in a group in  the nss_base_group object he will not appear when issueing "getent group groupname"

Obviously this is to be expected as the memberUId field is not populated.

 

An LDAP query shows that the user is specified in the Member object.

 

When I change uniqueMember attribute to Member the new user is revealed when issueing "getent group groupname"

However, the few users in the group who still have there memberUid set (the way it used to be done) appear twice.

 

Why is that and how can I get unique results from just the member object?

 

Hope it all makes sense

 

Cheers