Paul,
You can do few things to debug...
* Check the server log to see what happens...
* Do the same with ldapsearch and see if you get results. Ex. ldapsearch
-h myhost -p 389 -b "dc=example, dc=com" "objectclass=posixgroup" etc...
* Check /etc/nsswitch.conf to make sure the 'ldap' is included in the
search order (if you use authconfig on Linux it will set it for you).
-Satish.
Paul Fontenot wrote:
Thanks Satish,
I have added all this (including the shadowAccount attribute). getent
passwd / shadow work correctly but group still does not. I'm off to find
documentation...
Thanks,
-Paul
On Wed, 2008-01-02 at 16:44 -0500, Satish Chetty wrote:
Paul,
Go to the group entry. Right click and select 'Advanced properties'.
Click on objectclass and click 'Add Value'. It should like all
objectclasses you can add.
-Satish.
Paul Fontenot wrote:
I'm *assuming* you mean somewhere other than here (in the attached png
file). When I go to create the group and attempt to add the posixgroup
object class I do not see that option anywhere - lots of other things
though. I will go back to hunting the information on the fedora site as
well.
Thanks for the help,
-Paul
On Wed, 2008-01-02 at 16:27 -0500, Aaron Bliss wrote:
Paul,
You have to create a group in ldap, then add the posixgroup object
class. If you do this thru the admin console, you will then see a
text box appear called gidnumber. In that box enter whatever gid you
wish to use.
Aaron
Paul Fontenot wrote:
Thanks Aaron,
That's what has me stumped, the GID is there (that's the 500). I guess
what has me confused is I can't figure out how to tie that number to a
group and have it show in the getent group query.
-Paul
On Wed, 2008-01-02 at 16:11 -0500, Aaron Bliss wrote:
Paul,
You probably need to assign a gidnumber (posixgroup attribute) to your
primary ldap group. I've noticed that linux boxes only recognize group
memberships for groups that have gid's.
Aaron
Paul Fontenot wrote:
Hi,
I've searched hi and low and found a couple references to the problem I
have but no solutions.
If I issue 'getent passwd' I can see all the ldap users, if I issue a
getent group I cannot see any of the ldap groups. When I log into one of
my linux boxes I get 'id: cannot find name for group ID 500' (500 is an
ldap group).
What would cause this issue? I've been beating my head against it for a
couple days and decided to turn to the experts.
Thanks,
Paul
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Aaron Bliss
Systems Administrator
SUNY Brockport
(585) 395-2417
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
------------------------------------------------------------------------
------------------------------------------------------------------------
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
