
[Fwd: Group entry in OpenLDAP]



Hi,

I've OpenLDAP 2.1.25 with pam_ldap and nss_ldap installed in a Red Hat AS release 3 distribution. Everything goes fine, except when a user authenticates to the system he always gets the "Group ID 200 not found" message.

If I perform an ldapsearch with anonymous I can't see the entries for the groups that I've defined; I need to do an ldapsearch authenticated with the root.

The group entry is generated with the following ldif:
____________________________________________
dn: cn=usersGroup,ou=users,dc=fe,dc=up,dc=pt
objectClass: posixGroup
objectClass: top
objectClass: group
cn: usersGroup
gidNumber: 200
memberUid: usersGroup
____________________________________________

The user entry is generated with the following ldif:
____________________________________________
dn: uid=test,ou=users,dc=fe,dc=up,dc=pt
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
uid: test
cn: test
userPassword: test
shadowLastChange: 12480
shadowMin: 0
shadowMax: 10
shadowWarning: 7
shadowInactive: 7
shadowExpire: 20000
loginShell: /bin/tcsh
uidNumber: 201
gidNumber: 200
homeDirectory: /home/test
____________________________________________

Can it be something related to the access permissions?

My slapd.access file goes like this:
____________________________________________
access to attr=userPassword
    by dn="uid=admin,ou=admins,dc=fe,dc=up,dc=pt" read
    by dn="uid=admindn,ou=admins,dc=fe,dc=up,dc=pt" read
    by self read
    by anonymous auth
    by * none

access to attr=cn,gecos,uid,uidNumber,gidNumber,loginShell,homeDirectory
    by dn="uid=admin,ou=admins,dc=fe,dc=up,dc=pt" read
    by dn="uid=admindn,ou=admins,dc=fe,dc=up,dc=pt" read
    by self read
    by users read
    by anonymous read
    by * none

access to attr=shadowMin,shadowMax,shadowLastChange,shadowWarning,shadowExpire,shadowInactive
    by dn="uid=admin,ou=admins,dc=fe,dc=up,dc=pt" read
    by dn="uid=admindn,ou=admins,dc=fe,dc=up,dc=pt" read
    by self read
    by users read
    by anonymous none
    by * none

access to dn="uid(.*),ou=.*,dc=fe,dc=up,dc=pt"
    by dn="cn=admin,dc=fe,dc=up,dc=pt" write
    by dn="uid=admin,ou=admins,dc=fe,dc=up,dc=pt" read
    by dn="uid=admindn,ou=admins,dc=fe,dc=up,dc=pt" read
    by self read
    by anonymous read
    by * none
____________________________________________

I really can't find where the problem can be....

Thanks,
Jorge Ruão
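
The first-match evaluation that slapd applies to the access rules quoted above can be modelled as follows. This is an added example, not part of the original post: it keeps only the anonymous `by` level of each clause, and it assumes the `dn=` pattern is matched as a regular expression, as it is written in the post.

```python
import re

GROUP_DN = "cn=usersGroup,ou=users,dc=fe,dc=up,dc=pt"
USER_DN = "uid=test,ou=users,dc=fe,dc=up,dc=pt"

# The four "access to" clauses from the post, in order, reduced to
# (attribute set or None for any, DN regex or None for any, level for anonymous).
RULES = [
    ({"userpassword"}, None, "auth"),
    ({"cn", "gecos", "uid", "uidnumber", "gidnumber", "loginshell",
      "homedirectory"}, None, "read"),
    ({"shadowmin", "shadowmax", "shadowlastchange", "shadowwarning",
      "shadowexpire", "shadowinactive"}, None, "none"),
    (None, r"uid(.*),ou=.*,dc=fe,dc=up,dc=pt", "read"),
]


def anonymous_access(dn, attr):
    """Level anonymous gets on one attribute: the first matching clause wins."""
    for attrs, dn_regex, level in RULES:
        if attrs is not None and attr.lower() not in attrs:
            continue
        if dn_regex is not None and not re.search(dn_regex, dn, re.IGNORECASE):
            continue
        return level
    return "none"  # no clause matched: slapd's implicit "access to * by * none"


def anonymous_view(dn, attrs):
    """Attributes an anonymous search would return for this entry."""
    # The entry itself is gated by the "entry" pseudo-attribute.
    if anonymous_access(dn, "entry") != "read":
        return []
    return [a for a in attrs if anonymous_access(dn, a) == "read"]


if __name__ == "__main__":
    group_attrs = ["objectClass", "cn", "gidNumber", "memberUid"]
    user_attrs = ["objectClass", "uid", "uidNumber", "gidNumber",
                  "userPassword", "shadowMax", "homeDirectory"]
    for dn, attrs in ((GROUP_DN, group_attrs), (USER_DN, user_attrs)):
        print(dn)
        for a in ["entry"] + attrs:
            print(f"  {a:14} {anonymous_access(dn, a)}")
        print("  returned:", anonymous_view(dn, attrs))
```

In this model the group entry is withheld from anonymous because `entry`, `objectClass` and `memberUid` match no clause and fall through to the implicit deny, while the user entry is covered by the `uid(.*)` clause.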