Shouldn't memberuid be the user name, not the numeric uid? That is how we have it set up and we don't have any issues. So under sysadmin memberUid should be memberUid: test not memberUid: 1234 Jamie > well, gid 14 was in conflict with uucp group, so I changed it a bit: > > # testGroup, Groups, example.com > dn: cn=testGroup,ou=Groups,dc=example,dc=com > memberUid: 1234 > cn: testGroup > gidNumber: 1234 > objectClass: top > objectClass: posixgroup > > > # sysadmin, Groups, example.com > dn: cn=sysadmin,ou=Groups,dc=example,dc=com > gidNumber: 666 > memberUid: 1125 > memberUid: 1234 > objectClass: top > objectClass: posixgroup > cn: sysadmin > > # test, UNIX, example.com > dn: uid=test,ou=UNIX,dc=example,dc=com > gidNumber: 1234 > givenName: test > uidNumber: 1234 > uid: test > > now, test should belong to testGroup & sysadmin, correct? but that's not > happening: > > # id test -a > uid=1234(test) gid=1234(testGroup) groups=1234(testGroup) > > I don't understand this. It seemed so straight forward! > > (after switching test's gidNumber from 1234 to 666): > > # id test -a > uid=1234(test) gid=666(sysadmin) groups=666(sysadmin) > > so, it's not recognizing the memberUid attribute, I think. > > There's this in /etc/ldap.conf: > > # Group member attribute > #pam_member_attribute uniquemember > > > I changed uniquemember to memberuid but that didn't do anything.... > -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
