well, gid 14 was in conflict with uucp group, so I changed it a bit: # testGroup, Groups, example.com dn: cn=testGroup,ou=Groups,dc=example,dc=com memberUid: 1234 cn: testGroup gidNumber: 1234 objectClass: top objectClass: posixgroup # sysadmin, Groups, example.com dn: cn=sysadmin,ou=Groups,dc=example,dc=com gidNumber: 666 memberUid: 1125 memberUid: 1234 objectClass: top objectClass: posixgroup cn: sysadmin # test, UNIX, example.com dn: uid=test,ou=UNIX,dc=example,dc=com gidNumber: 1234 givenName: test uidNumber: 1234 uid: test now, test should belong to testGroup & sysadmin, correct? but that's not happening: # id test -a uid=1234(test) gid=1234(testGroup) groups=1234(testGroup) I don't understand this. It seemed so straight forward! (after switching test's gidNumber from 1234 to 666): # id test -a uid=1234(test) gid=666(sysadmin) groups=666(sysadmin) so, it's not recognizing the memberUid attribute, I think. There's this in /etc/ldap.conf: # Group member attribute #pam_member_attribute uniquemember I changed uniquemember to memberuid but that didn't do anything.... --- Susan <logastellus at yahoo.com> wrote: > Hi, everybody. > > I've a group with multiple memberUid attributes: > > # sysadmin, Groups, example.com > dn: cn=sysadmin,ou=Groups,dc=example,dc=com > memberUid: 1125 > memberUid: 1234 > gidNumber: 14 > objectClass: top > objectClass: posixgroup > cn: sysadmin > ____ > > and a user test like this: > > # test, UNIX, example.com > dn: uid=test,ou=UNIX,dc=example,dc=com > gidNumber: 1234 > objectClass: top > objectClass: person > objectClass: organizationalPerson > objectClass: inetorgperson > objectClass: posixAccount > objectClass: account > host: * > givenName: test > sn: asdf > uidNumber: 1234 > uid: test > cn: test asdf > homeDirectory: /home/test > > ___ > > there is also a group "test" which uid test belongs to. Now, test should be a member of both > test > and sysadmins, correct? > > However, that doesn't seem to be the case: > > -bash-3.00$ grep test /etc/passwd > -bash-3.00$ id -a test > uid=1234(test) gid=1234 groups=1234 > -bash-3.00$ id -G test > 1234 > -bash-3.00$ > > gid 14 doesn't show up. What am I doing wrong here? Is this not how you add a user to multiple > groups?? > > Thanks.. > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
