This means the client can't find any group objects in your LDAP directory that have gidNumber=1676. Have you loaded your group data into the directory? Try this on one of your LDAP clients: # getent group 1676 Then, see what search this generates on the LDAP server by looking at the access log. You could also test with a manual ldapsearch, e.g.: # ldapsearch -x -h ldap.example.com -D <binddn from clients' /etc/ldap.conf> -b dc=example,dc=com (&(objectClass=posixGroup)(gidNumber=1676)) Brandon Young wrote: > I have recently attempted to set up a Fedora Directory Server for > evaluation as a replacement for NIS. Overall, the set up process was > pretty painless. I spent some time reading the Installation Guide, > Administrator's Guide, and Deployment Guide beforehand. Additionally, > I tracked down this wonderful guide > (http://www.csse.uwa.edu.au/~ashley/fedora-ds/fedora-ds-26072006.html) > which seemed like exactly what I needed. > > I am trying to (ultimately) set up a directory service which provides > user authentication for Linux and OS X clients. > > The problem I have run in to is the following: when I issue the > command `ls`, I see the following: > ~$ ls -l > total 1 > drwxr-xr-x 2 bky 1676 336 Jan 23 09:12 Desktop > drwxr-xr-x 4 bky 1676 216 Jan 17 10:24 Documents > drwx------ 19 bky 1676 544 Jan 22 12:19 Library > drwxr-xr-x 2 bky 1676 48 Jan 17 08:33 Movies > drwxr-xr-x 3 bky 1676 72 Jan 17 09:45 Music > drwxr-xr-x 2 bky 1676 48 Jan 17 08:30 Pictures > drwxrwxr-x 2 bky 1676 96 Dec 20 14:29 bin > drwxrwxr-x 3 bky 1676 72 Dec 20 15:53 svn > drwxr-xr-x 2 bky 1676 48 Jan 17 09:48 vmware > ~$ > > > if I issue the 'groups' command for the user, it tells me: > > # groups bky > id: cannot find name for group ID 1676 > # > > So, it seems obvious to me that group mappings are not configured > correctly. On the client side, I am using a CentOS 4.4 machine, > configured to use ldap using system-config-authentication, and further > tweaking /etc/ldap.conf values for nss_base_passwd, nss_base_shadow, > and nss_base_group. Further, in digging through the mailing list > archives I found a suggestion to make sure pam_member_attribute was > set to uniqueMember -- which I tried, to no avail. I also tried > starting nscd which does not fix it (but I didn't really feel like > that was the problem, anyway). > > I will further mention here that the ldap-client package is installed > and I have not tried to configure SSL or TLS, yet. > > So, with that in mind ... what very obvious thing am I missing? Has > anyone seen and resolved this issue for themselves? Any help would be > greatly appreciated. >
