[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Usermod problems with ldap

To: <michael@stroeder.com>
Subject: RE: Usermod problems with ldap
From: <okossuth@antel.com.uy>
Date: Wed, 18 Feb 2009 16:39:33 -0200
Cc: openldap-technical@openldap.org
Content-class: urn:content-classes:message
Importance: normal
In-reply-to: <499C5021.4060306@stroeder.com>
Thread-index: AcmR9WYumQmm/yhsTnGg+KZaqeqduQAAm77A
Thread-topic: Usermod problems with ldap

Ok I have seen in the logs that usermod uses the member attribute when trying to update supplementary groups of a user, and id uses the memberUid attribute when trying to search info of a user.. how on earth can I use both commands without having to use group entries  with both member and memberUids attributes??
BTW I'm using SUSE LES 10 SP2

Saludos,

Oskar Kossuth 
Administrador UNIX
ANTEL Telecomunicaciones

-----Mensaje original-----
De: Michael Ströder [mailto:michael@stroeder.com] 
Enviado el: Wednesday, February 18, 2009 3:15 PM
Para: Kossuth Espinosa, Oskar
CC: openldap-technical@openldap.org
Asunto: Re: Usermod problems with ldap

okossuth@antel.com.uy wrote:
> Ok.you are correct, but if I use the rfc2307bis.schema I can have
> groupofnames as structural and posixgroup as auxiliary to be able to
> use member and memberUid attributes.

Yes, but you have to maintain both attributes (member sets) separately.
With my web2ldap you can do it at once.

> Before I was using nis.schema and now I use rfc2307bis.schema and the
> usermod command worked. But the id command doesn't show groups stored
> in the ldap that use only the member attribute of a groupofnames
> group entry... any ideas?

You should look into your logs what the nss_ldap implementation you're
using is really looking for.

Ciao, Michael.

El   presente  correo   y   cualquier    posible   archivo   adjunto  está
dirigido  únicamente  al destinatario  del  mensaje y contiene información
que  puede ser  confidencial.  Si  Ud. no es el destinatario  correcto por 
favor notifique al remitente respondiendo  anexando este mensaje y elimine 
inmediatamente   el e-mail y los posibles archivos adjuntos al mismo de su 
sistema. Está  prohibida  cualquier utilización,  difusión o copia de este 
e-mail por   cualquier  persona  o  entidad  que  no  sean las específicas 
destinatarias del  mensaje.  ANTEL  no acepta  ninguna responsabilidad con 
respecto  a cualquier  comunicación  que  haya sido  emitida  incumpliendo
nuestra Política de Seguridad de la Información.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
This e-mail and any attachment is confidential and is  intended solely for 
the addressee(s).  If you are not  intended  recipient  please  inform the 
sender immediately,  answering  this  e-mail and  delete it as well as the 
attached files. Any use, circulation or copy of this e-mail by  any person 
or entity that is not the specific  addressee(s)  is prohibited.  ANTEL is 
not  responsible  for  any  communication  emitted  without respecting our
Information Security Policy.

Follow-Ups:
- Re: Usermod problems with ldap
  - From: Michael Ströder <michael@stroeder.com>

References:
- Re: Usermod problems with ldap
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: Usermod problems with ldap
Next by Date: Re: Usermod problems with ldap
Index(es):
- Chronological
- Thread