[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Usermod problems with ldap

To: <michael@stroeder.com>
Subject: RE: Usermod problems with ldap
From: <okossuth@antel.com.uy>
Date: Wed, 18 Feb 2009 16:01:00 -0200
Cc: openldap-technical@openldap.org
Content-class: urn:content-classes:message
Importance: normal
In-reply-to: <499C2866.5060207@stroeder.com>
Thread-index: AcmR3boawLrSkISKRiCuRL7/x0cllwAE6Rsg
Thread-topic: Usermod problems with ldap

Ok.you are correct, but if I use the rfc2307bis.schema I can have groupofnames as structural and posixgroup as auxiliary to be able to use member and memberUid attributes.

Before I was using nis.schema and now I use rfc2307bis.schema and the usermod command worked. But the id command doesn't show groups stored in the ldap
that use only the member attribute of a groupofnames group entry...
any ideas?

Saludos,

Oskar Kossuth
Administrador UNIX
ANTEL Telecomunicaciones

-----Mensaje original-----
De: Michael Ströder [mailto:michael@stroeder.com]
Enviado el: Wednesday, February 18, 2009 12:25 PM
Para: Kossuth Espinosa, Oskar
CC: openldap-technical@openldap.org
Asunto: Re: Usermod problems with ldap

okossuth@antel.com.uy wrote:
> is it possible to have both groupofnames and posixgroup for a group entry?

No, both are STRUCTURAL. And an entry can have only one STRUCTURAL
object class.
See also:
http://www.openldap.org/faq/data/cache/883.html

Also note that actually the LDAP clients determine a user's group
membership. You have to clarify whether they are using one or the other.

Ciao, Michael.

El presente correo y cualquier posible archivo adjunto está
dirigido únicamente al destinatario del mensaje y contiene información
que puede ser confidencial. Si Ud. no es el destinatario correcto por
favor notifique al remitente respondiendo anexando este mensaje y elimine
inmediatamente el e-mail y los posibles archivos adjuntos al mismo de su
sistema. Está prohibida cualquier utilización, difusión o copia de este
e-mail por cualquier persona o entidad que no sean las específicas
destinatarias del mensaje. ANTEL no acepta ninguna responsabilidad con
respecto a cualquier comunicación que haya sido emitida incumpliendo
nuestra Política de Seguridad de la Información.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
This e-mail and any attachment is confidential and is intended solely for
the addressee(s). If you are not intended recipient please inform the
sender immediately, answering this e-mail and delete it as well as the
attached files. Any use, circulation or copy of this e-mail by any person
or entity that is not the specific addressee(s) is prohibited. ANTEL is
not responsible for any communication emitted without respecting our
Information Security Policy.

Follow-Ups:
- Re: Usermod problems with ldap
  - From: Michael Ströder <michael@stroeder.com>

References:
- Re: Usermod problems with ldap
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: LDAP + PAM + NSS with groups local and in LDAP
Next by Date: Re: Usermod problems with ldap
Index(es):
- Chronological
- Thread