This means the client can't find any group objects in your LDAP
directory that have gidNumber=1676.
Have you loaded your group data into the directory?
Try this on one of your LDAP clients:
# getent group 1676
Then, see what search this generates on the LDAP server by looking at
the access log.
You could also test with a manual ldapsearch, e.g.:
# ldapsearch -x -h ldap.example.com -D <binddn from clients'
/etc/ldap.conf> -b dc=example,dc=com
(&(objectClass=posixGroup)(gidNumber=1676))
Brandon Young wrote:
I have recently attempted to set up a Fedora Directory Server for
evaluation as a replacement for NIS. Overall, the set up process was
pretty painless. I spent some time reading the Installation Guide,
Administrator's Guide, and Deployment Guide beforehand. Additionally,
I tracked down this wonderful guide
(http://www.csse.uwa.edu.au/~ashley/fedora-ds/fedora-ds-26072006.html)
which seemed like exactly what I needed.
I am trying to (ultimately) set up a directory service which provides
user authentication for Linux and OS X clients.
The problem I have run in to is the following: when I issue the
command `ls`, I see the following:
~$ ls -l
total 1
drwxr-xr-x 2 bky 1676 336 Jan 23 09:12 Desktop
drwxr-xr-x 4 bky 1676 216 Jan 17 10:24 Documents
drwx------ 19 bky 1676 544 Jan 22 12:19 Library
drwxr-xr-x 2 bky 1676 48 Jan 17 08:33 Movies
drwxr-xr-x 3 bky 1676 72 Jan 17 09:45 Music
drwxr-xr-x 2 bky 1676 48 Jan 17 08:30 Pictures
drwxrwxr-x 2 bky 1676 96 Dec 20 14:29 bin
drwxrwxr-x 3 bky 1676 72 Dec 20 15:53 svn
drwxr-xr-x 2 bky 1676 48 Jan 17 09:48 vmware
~$
if I issue the 'groups' command for the user, it tells me:
# groups bky
id: cannot find name for group ID 1676
#
So, it seems obvious to me that group mappings are not configured
correctly. On the client side, I am using a CentOS 4.4 machine,
configured to use ldap using system-config-authentication, and further
tweaking /etc/ldap.conf values for nss_base_passwd, nss_base_shadow,
and nss_base_group. Further, in digging through the mailing list
archives I found a suggestion to make sure pam_member_attribute was
set to uniqueMember -- which I tried, to no avail. I also tried
starting nscd which does not fix it (but I didn't really feel like
that was the problem, anyway).
I will further mention here that the ldap-client package is installed
and I have not tried to configure SSL or TLS, yet.
So, with that in mind ... what very obvious thing am I missing? Has
anyone seen and resolved this issue for themselves? Any help would be
greatly appreciated.
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
