[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: PAM and LDAP Problem

To: "Norm Dressler" <ndressler@dinmar.com>
Subject: Re: PAM and LDAP Problem
From: Julio Sanchez Fernandez <j_sanchez@stl.es>
Date: 17 Jul 2001 13:41:40 +0200
Cc: <openldap-software@OpenLDAP.org>
In-reply-to: "Norm Dressler"'s message of "Thu, 5 Jul 2001 15:08:35 -0400"
References: <NEBBKIMKGKLKGAOABJPKIEAJCOAA.ndressler@dinmar.com>
User-agent: Gnus/5.0807 (Gnus v5.8.7) Emacs/20.7

"Norm Dressler" <ndressler@dinmar.com> writes:

> I have tried to establish groups in my LDAP directory as well.  I am using a
> tool called directory_administrator and its working great.  It creates the
> following in my ldap:
> dn: cn=mygroup,dc=dinmar,dc=com
> objectclass: top
> objectclass: posixGroup
> cn: mygroup
> gidnumber: 2005
> uniquemember: uid=ndressler, dc=dinmar,dc=com

If you want to use posixGroup member lists defined with distinguished
names, you have to recompile nss_ldap with flag -DRFC2307BIS.  Recent
versions have moved to use GNU autoconf so, instead of mangling
Makefiles, you would just:

        configure --with-ldap=openldap --enable-rfc2307bis

It works for me.

BTW, you need to add groupOfUniqueNames to objectClass.

Julio

References:
- PAM and LDAP Problem
  - From: "Norm Dressler" <ndressler@dinmar.com>

Prev by Date: Re: Help With Mac OS X and OpenLDAP 2.0.11
Next by Date: Re: attributetype image
Index(es):
- Chronological
- Thread