[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: posixgroups vs groupofnames



On Sun, 25 May 2014, Doug OLeary wrote:

An LDAP NSS module properly configured to use rfc2307bis doesn't need or use memberuid.

OpenLDAP nssov just uses rfc2307bis by default.

Interesting. So, it is possible to get where I'm going and member is the attribute that it should be looking for. Thank you. That gives me another
avenue to explore

Excellent!  That was the exact clue I needed.  Thank you very much, sir!
Fully functional exactly the way it should be with no duplication of data.

Appreciate it no end.

Short version of the fix for Centos 6.5:

Troubleshooting existing issues w/sssd and adding:

ldap_schema = rfc2307bis # was already there; but may have had issues
ldap_group_member = member

to sssd.conf.

Doug O'Leary
------------
Senior UNIX/Security Admin
CISSP, CISA, RHCE, CEH
O'Leary Computers Inc
dkoleary@olearycomputers.com (w) 630-904-6098 (c) 630-248-2749
linkedin: http://www.linkedin.com/in/dkoleary
resume: http://www.olearycomputers.com/resume.html