[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
group issues
hello,
openldap 1.2.10, redhat 6.2 (intel) and solaris 8, pam_ldap v65, and
nss_ldap v113.
i am having numerous problems getting groups to work properly for me.
what i would like is to have a group with members specified by full DN
that would work with both openldap ACLs and with nss_ldap/pam_ldap for
supplementary groups.
if i use:
dn: cn=group0,ou=group,dc=domain,dc=edu
cn: group0
gidnumber: 5000
objectclass: top
objectclass: groupOfNames
objectclass: posixGroup
memberuid: member0
then:
nss_ldap handles supplementary groups fine but openldap ACLs don't
work.
if i use:
dn: cn=group0,ou=group,dc=domain,dc=edu
cn: group0
gidnumber: 5000
objectclass: top
objectclass: groupOfNames
objectclass: posixGroup
member: uid=member0,ou=people,dc=domain,dc=edu
then:
nss_ldap doesn't handle supplementary groups (as such leaving the
user as a member of only his/her primary group) but openldap ACLs do
work.
obviously what i want is to have supplementary groups work *and*
openldap ACLs work.
if anyone has any suggestions for what i could try or am doing wrong,
i'd greatly appreciate hearing from you as right now i'm stumped.
thanks,
blair christensen