[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: PAM and LDAP Problem
"Norm Dressler" <ndressler@dinmar.com> writes:
> I have tried to establish groups in my LDAP directory as well. I am using a
> tool called directory_administrator and its working great. It creates the
> following in my ldap:
> dn: cn=mygroup,dc=dinmar,dc=com
> objectclass: top
> objectclass: posixGroup
> cn: mygroup
> gidnumber: 2005
> uniquemember: uid=ndressler, dc=dinmar,dc=com
If you want to use posixGroup member lists defined with distinguished
names, you have to recompile nss_ldap with flag -DRFC2307BIS. Recent
versions have moved to use GNU autoconf so, instead of mangling
Makefiles, you would just:
configure --with-ldap=openldap --enable-rfc2307bis
It works for me.
BTW, you need to add groupOfUniqueNames to objectClass.
Julio