nss_ldap - using full DNs in member attribute

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thats extremely strange, I've made clients including Fedora,Suse and 
Ubuntu bind to the FDS Ldap without a problem like that.

Can you just verify something for me.

ie login via the console or ssh into your client machine ie as jsmith as 
in your example and type

groups.

It should just list your groups in the shortform.

ie you should see

testgroup blah blah (all your groups)

as with your example, you shouldn't see the ou,dc bits.

If it does you can remap the lookup / search base usually by editing 
ldap.conf which you can find in /etc/ldap.conf most of the time including 
Fedora, SUSE & Ubuntu, but I can't say anything about Gentoo as I've 
havn't dealt with it recently.

You should then look at the mappings / lookup ie for nss_base_passwd, 
nss_base_shadow, nss_base_group which are the three basic fields with 
Linux/Unix.

In your case you would be dealing with nss_base_group.

If you are caching the fields is with nscd you would have to do 
the same with nscd.conf.

But still I find that extremely strange.

 					Regards Ashley




On Fri, 1 Jun 2007, Stipl, Stepan wrote:

> Hi,
>
> I'm trying to setup authentication against Fedora DS on Linux box
> (Gentoo). Everything is working fine, except for one thing - I have
> groups with members in uniqueMember attributes and I have there full DNs
> - like "uid=sstipl,ou=users,dc=example,dc=com", but the nss expects me
> to have there just logins (uid's value in this case).
>
> So when I do "getent group" I receive something like this from groups
> from LDAP:
>
> testgroup:*:1010:uid=sstipl,ou=users,dc=example,dc=com,
> uid=jsmith,ou=users,dc=example,dc=com
>
> Any idea how to setup probably nss? to use just RND value (uid's in this
> case) from the uniqueMember attribute? To get this:
> "testgroup:*:1010:sstipl,jsmith"
>
>
>
> many thanks.
>
> .stepan
>
>
>
>
>
> !DSPAM:272,465fdbe081151117595406!
>

-- 
Ashley Chew - Systems Administrator
School of Computer Science and Software Engineering
University of Western Australia
Tel: (+61 8) 6488 7082 - Fax: (+61 8) 6488 1089
Ashley[@]csse.uwa.edu.au - http://www.csse.uwa.edu.au/~ashley

"There is no such thing as Fate, Fate is what you make of it!"
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux