[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: dynlist and group membership (libnss-ldap, posixGroup, samba)
Felipe Augusto van de Wiel <felipe.wiel@hpp.org.br> writes:
> Thanks for replying. :-)
>
> On 20-05-2010 12:07, Dieter Kluenter wrote:
>> Felipe Augusto van de Wiel <felipe.wiel@hpp.org.br> writes:
> [...]
>>> The problem, is that I would expect and
>>> 'id userA' to include group 'active-samba-users'
>>> but it doesn't. But 'getent group active-samba-users'
>>> includes all the users:
>>>
>>> active-samba-users:*:999:userA,userB
>> [...]
>>
>> modify the dynlist overlay configuration and rewrite the
>> labeledURI attribute value in order to match your
>> requirements.
>
> Well, that's kind of the problem, as I understood
> it, everything is just fine, the dynlist is working and
> adding the member fields as expected, the 'getent group'
> return the users equivalent to "dyngroup" and respective
> filter, but 'id' and the rest of the system, for some that
> reason that I'm obviously missing, doesn't seem the users
> as part of the group, although the group list the user in
> it. :-(
I see, so this is more a nss and pam problem than a openldap
issue. You may try the nssov overlay, see man slapo-nssov(5), although
I have no vital experience with this overlay.
-Dieter
--
Dieter Klünter | Systemberatung
sip: +49.40.20932173
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6