Re: [nssldap] RV: Unix id command and Openldap
[Date Prev][Date Next] [Thread Prev][Thread Next]Re: [nssldap] RV: Unix id command and Openldap
- From: Patrick Wolfe <pwolfe [at] employease.com>
- To: <okossuth [at] antel.com.uy>
- Cc: <pwolfe [at] employease.com>, <nssldap [at] padl.com>
- Subject: Re: [nssldap] RV: Unix id command and Openldap
- Date: Mon, 22 Dec 2008 15:23:00 -0500
perhaps your installed "id" command doesn't support the nsswitch.conf file and it's associated library. You might need to recompile it. What distro and version of UNIX are you using?
-- Patrick Wolfe ADP Employease 770-325-7724 On Dec 22, 2008, at 3:14 PM, <okossuth@antel.com.uy> wrote:
of course I have done that.. any other ideas? Saludos, Oskar Kossuth Administrador UNIX ANTEL Telecomunicaciones -----Mensaje original-----De: owner-nssldap@padl.com [owner-nssldap [at] padl.com] En nombre de Patrick WolfeEnviado el: Monday, December 22, 2008 5:04 PM Para: Kossuth Espinosa, Oskar CC: nssldap@padl.com Asunto: Re: [nssldap] RV: Unix id command and Openldap the "id" command works fine on our FreeBSD 6 and CentOS 4.x/5.x servers. Make sure your /etc/nsswitch.conf says "passwd: files ldap" and "group: files ldap", or else id won't be searching ldap for ids and groups. -- Patrick Wolfe ADP Employease 770-325-7724 On Dec 22, 2008, at 2:15 PM, <okossuth@antel.com.uy> wrote:Hi Does the id command works with a system using OPENLDAP authentication ? I have implemented a server with openldap 2.3 and several clients use this system to authenticate users, and works fine except that when I do a "id user" on a client it only gives me the information of the primary group which the user belongs to and not of the suplementary groups that he is also a member of in the LDAP server... any ideas?? im sending you the /etc/ldap.conf and /etc/nsswitch.conf of the client. thanks for your help Saludos, Oskar Kossuth Administrador UNIX ANTEL Telecomunicaciones -----Mensaje original----- De: openldap-technical-bounces+okossuth=antel.com.uy@OpenLDAP.org [openldap-technical-bounces+okossuth=antel.com.uy [at] OpenLDAP.org ] En nombre de Andrew Findlay Enviado el: Wednesday, December 17, 2008 2:00 PM Para: Kossuth Espinosa, Oskar CC: openldap-technical@openldap.org; claus.kick@siemens.com Asunto: Re: Unix id command and OpenldapOn Wed, Dec 17, 2008 at 02:20:40PM -0200, okossuth@antel.com.uy wrote:My problem is that I only see the primary group without thesupplementary ones, whenever the groups are stored in the LDAP if theuser is in the ldap server.This sounds more like an NSS problem than a purely OpenLDAP one, so you may get more help by posting to nssldap@padl.com. Please post the 'passwd' and 'group' lines from /etc/nsswitch.conf and also the /etc/ldap.conf file (with passwords obscured). It would also be worth running slapd at debug level 768 and posting what gets logged when you run the 'id' command. Andrew -- ----------------------------------------------------------------------- | From Andrew Findlay, Skills 1st Ltd | | Consultant in large-scale systems, networks, and directory services | | http://www.skills-1st.co.uk/ +44 1628 782565 | ----------------------------------------------------------------------- El presente correo y cualquier posible archivo adjunto está dirigido únicamente al destinatario del mensaje y contiene información que puede ser confidencial. Si Ud. no es el destinatario correcto por favor notifique al remitente respondiendo anexando este mensaje y elimine inmediatamente el e-mail y los posibles archivos adjuntos al mismo de su sistema. Está prohibida cualquier utilización, difusión o copia de este e-mail por cualquier persona o entidad que no sean las específicas destinatarias del mensaje. ANTEL no acepta ninguna responsabilidad con respecto a cualquier comunicación que haya sido emitida incumpliendo nuestra Política de Seguridad de la Información. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . This e-mail and any attachment is confidential and is intended solely for the addressee(s). If you are not intended recipient please inform the sender immediately, answering this e-mail and delete it as well as the attached files. Any use, circulation or copy of this e-mail by any person or entity that is not the specific addressee(s) is prohibited. ANTEL is not responsible for any communication emitted without respecting our Information Security Policy. <ldap.conf><nsswitch.conf>
- [nssldap] RV: Unix id command and Openldap,
okossuth
- Re: [nssldap] RV: Unix id command and Openldap,
Patrick Wolfe
- RE: [nssldap] RV: Unix id command and Openldap,
okossuth
- Re: [nssldap] RV: Unix id command and Openldap, Patrick Wolfe
- RE: [nssldap] RV: Unix id command and Openldap,
okossuth
- Re: [nssldap] RV: Unix id command and Openldap,
Patrick Wolfe
- Re: [nssldap] RV: Unix id command and Openldap, Patrick Wolfe
- Re: [nssldap] RV: Unix id command and Openldap, Steve Thompson
- Re: [nssldap] RV: Unix id command and Openldap,
Patrick Wolfe
- RE: [nssldap] RV: Unix id command and Openldap,
okossuth
- Re: [nssldap] RV: Unix id command and Openldap,
Patrick Wolfe
- Prev by Date: RE: [nssldap] RV: Unix id command and Openldap
- Next by Date: RE: [nssldap] RV: Unix id command and Openldap
- Previous by thread: RE: [nssldap] RV: Unix id command and Openldap
- Next by thread: RE: [nssldap] RV: Unix id command and Openldap