Paul, You can do few things to debug... * Check the server log to see what happens... * Do the same with ldapsearch and see if you get results. Ex. ldapsearch -h myhost -p 389 -b "dc=example, dc=com" "objectclass=posixgroup" etc... * Check /etc/nsswitch.conf to make sure the 'ldap' is included in the search order (if you use authconfig on Linux it will set it for you). -Satish. Paul Fontenot wrote: > Thanks Satish, > > I have added all this (including the shadowAccount attribute). getent > passwd / shadow work correctly but group still does not. I'm off to find > documentation... > > Thanks, > > -Paul > > On Wed, 2008-01-02 at 16:44 -0500, Satish Chetty wrote: >> Paul, >> Go to the group entry. Right click and select 'Advanced properties'. >> Click on objectclass and click 'Add Value'. It should like all >> objectclasses you can add. >> >> -Satish. >> >> Paul Fontenot wrote: >>> I'm *assuming* you mean somewhere other than here (in the attached png >>> file). When I go to create the group and attempt to add the posixgroup >>> object class I do not see that option anywhere - lots of other things >>> though. I will go back to hunting the information on the fedora site as >>> well. >>> >>> Thanks for the help, >>> >>> -Paul >>> >>> On Wed, 2008-01-02 at 16:27 -0500, Aaron Bliss wrote: >>>> Paul, >>>> You have to create a group in ldap, then add the posixgroup object >>>> class. If you do this thru the admin console, you will then see a >>>> text box appear called gidnumber. In that box enter whatever gid you >>>> wish to use. >>>> >>>> Aaron >>>> >>>> Paul Fontenot wrote: >>>>> Thanks Aaron, >>>>> >>>>> That's what has me stumped, the GID is there (that's the 500). I guess >>>>> what has me confused is I can't figure out how to tie that number to a >>>>> group and have it show in the getent group query. >>>>> >>>>> -Paul >>>>> >>>>> On Wed, 2008-01-02 at 16:11 -0500, Aaron Bliss wrote: >>>>> >>>>>> Paul, >>>>>> You probably need to assign a gidnumber (posixgroup attribute) to your >>>>>> primary ldap group. I've noticed that linux boxes only recognize group >>>>>> memberships for groups that have gid's. >>>>>> >>>>>> Aaron >>>>>> >>>>>> Paul Fontenot wrote: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> I've searched hi and low and found a couple references to the problem I >>>>>>> have but no solutions. >>>>>>> >>>>>>> If I issue 'getent passwd' I can see all the ldap users, if I issue a >>>>>>> getent group I cannot see any of the ldap groups. When I log into one of >>>>>>> my linux boxes I get 'id: cannot find name for group ID 500' (500 is an >>>>>>> ldap group). >>>>>>> >>>>>>> What would cause this issue? I've been beating my head against it for a >>>>>>> couple days and decided to turn to the experts. >>>>>>> >>>>>>> Thanks, >>>>>>> >>>>>>> Paul >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Fedora-directory-users mailing list >>>>>>> Fedora-directory-users at redhat.com >>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>>>>> >>>>>>> >>>>> -- >>>>> Fedora-directory-users mailing list >>>>> Fedora-directory-users at redhat.com >>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>>> >>>> -- >>>> Aaron Bliss >>>> Systems Administrator >>>> SUNY Brockport >>>> (585) 395-2417 >>>> -- >>>> Fedora-directory-users mailing list >>>> Fedora-directory-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> >>>> ------------------------------------------------------------------------ >>>> >>>> -- >>>> Fedora-directory-users mailing list >>>> Fedora-directory-users at redhat.com >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users >> -- >> Fedora-directory-users mailing list >> Fedora-directory-users at redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-directory-users > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >
