of course...it is why nss_base_passwd works and why nss_base_group doesn't work and why getent passwd works and why getent group doesn't work Craig On Fri, 2006-03-17 at 09:41 -0800, Mont Rothstein wrote: > I get output for both, but it is all commented out. I don't know what > this means. > > Here is my output: > > [root at rheles4rs1 bin]# grep Groups /etc/ldap.conf #pam_groupdn > cn=PAM,ou=Groups,dc=example,dc=com > [root at rheles4rs1 bin]# grep Group /etc/ldap.conf # Group to enforce > membership of > #pam_groupdn cn=PAM,ou=Groups,dc=example,dc=com > # Group member attribute > #nss_base_group ou=Group,dc=example,dc=com?one > #nss_map_objectclass posixGroup Group > #nss_map_objectclass posixGroup Group > #nss_map_objectclass posixGroup group > #nss_map_objectclass posixGroup aixAccessGroup > > > Does this mean something to you? > > -Mont > > > On 3/16/06, Craig White <craigwhite at azapple.com> wrote: > grep Groups /etc/ldap.conf > > I bet you get nothing... > > then > > grep Group /etc/ldap.conf > > I think your answer lies within > > Craig > > On Thu, 2006-03-16 at 16:53 -0800, Mont Rothstein wrote: > > I apologize for being so ignorant but I don't know what you > mean by > > "change DNs etc". > > > > In my sambaGroups.ldif my dn's look like: > > > > dn: cn=Domain > Admins,ou=Groups,dc=forayadams,dc=foray,dc=com > > > > which as far as I know is correct for my setup. > > > > What am I missing? > > > > Thanks, > > -Mont > > > > > > On 3/16/06, Pete Rowley <prowley at redhat.com> wrote: > > Mont Rothstein wrote: > > > > > Were the group names specified in the previous > steps merely > > examples? > > > I have a bare install and haven't created any > groups in unix > > (other > > > than those created with new users) nor have I > created any in > > Samba. > > > > > They are not examples, but you will have to change > DN's etc. > > > > > > -- > > Pete
