Always the way - the LDAP enabled app/hardware falls one inch short of doing what you need ... In this case a Juniper VPN box which I need to check LDAP netgroup membership for access control but it doesn't quite understand netgroups. The nisnetgrouptriple=(,username,) format is the stumbling block as I need just the username. I was looking at creating a dynamic group on the LDAP server itself to contain the same usernames as in the netgroup but in a simple format the VPN box could query. Anybody have an idea how to do this with dynamic groups? Essentially, I need a query to turn this: cn=netgroup1 nisnetgrouptriple=(,user1,) nisnetgrouptriple=(,user2,) into something like this: cn=dynamic-group1 uniquemember=user1 uniquemember=user2 PK -- Philip Kime NOPS Systems Architect 310 401 0407 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20070327/26f2c4b4/attachment.html
