On May 6, 2010, at 11:35 AM, Paul Heinlein wrote:
> On Thu, 6 May 2010, aurfalien@xxxxxxxxx wrote:
>
>> Hi all,
>>
>> Not having much luck adding a user to more then 1 group in OpenLDAP
>> thats provided in Centos.
>>
>> Any suggestions to have the outcome of having a user belong to
>> multiple groups?
>>
>> Should I create a new group that has multiple GIDs and assign a user
>> to that new group? If so, how? :)
>
> Each posixGroup can have multiple memberUid entries. In our
> environment, a memberUid is specified by username (not numeric uid); I
> suspect that's normal practice, but you might want to get confirmation
> from others.
>
> A user's posixAccount record has no backward mapping of group
> memberships; it only contains the standard gidNumber entry.
>
> In short:
>
> 1. Define the posixGroup DN
> 2. Add one or more memberUid entries.
O, I think I follow.
Say my current group definition in ldap is;
# pm, groups, foo.bar
dn: cn=pm,ou=groups,dc=foo,dc=bar
objectClass: top
objectClass: posixGroup
cn: pm
gidNumber: 200
So would I extend this and add members there instead of in there own
entry? How would it look?
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
