[Date Prev][Date Next] [Chronological] [Thread] [Top]

group issues

To: openldap-software@openldap.com
Subject: group issues
From: blair christensen <blair@bsd.uchicago.edu>
Date: Wed, 5 Jul 2000 15:22:46 -0500
Content-disposition: inline
User-agent: Mutt/1.1.4i

hello,
openldap 1.2.10, redhat 6.2 (intel) and solaris 8, pam_ldap v65, and
nss_ldap v113.

i am having numerous problems getting groups to work properly for me.

what i would like is to have a group with members specified by full DN
that would work with both openldap ACLs and with nss_ldap/pam_ldap for
supplementary groups.

if i use:
dn: cn=group0,ou=group,dc=domain,dc=edu
cn: group0
gidnumber: 5000
objectclass: top
objectclass: groupOfNames
objectclass: posixGroup
memberuid: member0

then:
nss_ldap handles supplementary groups fine but openldap ACLs don't
work.

if i use:
dn: cn=group0,ou=group,dc=domain,dc=edu
cn: group0
gidnumber: 5000
objectclass: top
objectclass: groupOfNames
objectclass: posixGroup
member: uid=member0,ou=people,dc=domain,dc=edu

then:
nss_ldap doesn't handle supplementary groups (as such leaving the
user as a member of only his/her primary group) but openldap ACLs do
work.

obviously what i want is to have supplementary groups work *and*
openldap ACLs work.

if anyone has any suggestions for what i could try or am doing wrong,
i'd greatly appreciate hearing from you as right now i'm stumped.

thanks,
blair christensen

Follow-Ups:
- Re: group issues
  - From: Nadeem Hasan <nhasan@usa.net>

Prev by Date: Re: Newbie Question - running configure
Next by Date: Re: group issues
Index(es):
- Chronological
- Thread