RE: [nssldap] RV: Unix id command and Openldap
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
RE: [nssldap] RV: Unix id command and Openldap
- From: Andrew Morgan <morgan [at] orst.edu>
- To: okossuth [at] antel.com.uy
- Cc: smt [at] vgersoft.com, nssldap [at] padl.com
- Subject: RE: [nssldap] RV: Unix id command and Openldap
- Date: Tue, 23 Dec 2008 09:25:57 -0800 (PST)
On Tue, 23 Dec 2008, okossuth@antel.com.uy wrote:
Hi guys
getent passwd and getent group work fine, I get the list of users and groups of
the ldap server. getent group only shows me ldap groups without users belonging
to those groups
like the group mysql defined only in the ldap server:
mysql:*:4620:
My only problem is getting the secondary groups via id or groups.
Starting the ldap server with debugging I saw a possible cause:
conn=50 op=0 BIND dn="" method=128
conn=50 op=0 RESULT tag=97 err=0 text=
conn=50 op=1 SRCH
base="ou=Grupos,ou=Teleinformatica,dc=vmlx-ldapauth-test,dc=in.iantel.com.uy" scope=2 deref=0
filter="(&(objectClass=posixGroup))"
conn=50 op=1 SRCH attr=cn userPassword memberUid uniqueMember gidNumber
conn=50 op=1 ENTRY
dn="cn=jbossgrp,ou=grupos,ou=teleinformatica,dc=vmlx-ldapauth-test,dc=in.iantel.com.uy"
it seems that when i do a id -a jbosstest ( a user that is defined in the ldap
server)
it searchs the ou=Grupos where the groups are defined but it only uses the
filter ="(&(objectClass=posixGroup))"..
is that the problem???
Which objectclass are you expecting it to use? posixGroup is the standard
objectclass for these groups.
Andy
- Re: [nssldap] RV: Unix id command and Openldap, (continued)