2010-09-14 17:26, Rich Megginson skrev: > I still don't know what you mean by "add posixGroups using the admin > tool". If by "admin tool" you mean the 389 GUI console, then right, > there is no explicit posix group tab in the Group editor window, but you > can use the Advanced... editor to add the posixGroup objectclass to the > list of objectclasses. Yep. That's what I meant. (389-console) When I click Advanced I see posixGroup stuff not when I click "Show All Allowed Attributes", nor do I sse it as an option when I click the "Add Attribute" button. What do you mean when you say "Advanced editor"? Having searched for a while, I've found a way to add posixGroups: Right click -> New -> Other -> posixGroup They will however be identified in the tree by the gidnimber, not by their cn... >> And I still can't log in as the user I've added. >> > What error do you get? It's always helpful when you have a problem to > specify > * the platform and 389-ds-base version Fedora 13 389 1.2.0 Error message "User does not exist" > * the exact command you used - if by "log in" you mean system login, I've tried "su" both locally and from a client machine. > also please specify your /etc/ldap.conf settings [root@lb ~]# cat /etc/ldap.conf|grep -v "#"|sed '/^$/d' base dc=labbnet,dc=ne,dc=keryx,dc=se timelimit 120 bind_timelimit 120 idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm,polkituser,rtkit,pulse uri ldaps://127.0.0.1:1636/ ssl no tls_cacertdir /etc/openldap/cacerts pam_password md5 I've changed the port to 1636 since *nix requires the server to run as root for ldaps on a port below 1024... > * the error message and error code you get from the command, if any > * check the directory server access log from around the time of your log > in attempt to see what the directory server logged /var/log/dirsrv/slapd-lb/errors is silent /var/log/dirsrv/slapd-lb/access (I've removed the timestamp) conn=29 op=47 UNBIND conn=29 op=47 fd=85 closed - U1 conn=26 op=77 MOD dn="cn=ResourcePage,ou=1.1,ou=Console,ou=cn\5c=directory manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot" conn=26 op=77 RESULT err=0 tag=103 nentries=0 etime=1 conn=26 op=78 MOD dn="cn=ResourcePage,ou=1.1,ou=Console,ou=cn\5c=directory manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot" conn=26 op=78 RESULT err=0 tag=103 nentries=0 etime=0 conn=26 op=79 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot" conn=26 op=79 RESULT err=0 tag=103 nentries=0 etime=0 conn=26 op=80 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot" conn=26 op=80 RESULT err=0 tag=103 nentries=0 etime=0 conn=26 op=82 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot" conn=26 op=82 RESULT err=0 tag=103 nentries=0 etime=0 conn=26 op=83 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot" conn=26 op=83 RESULT err=0 tag=103 nentries=0 etime=0 conn=28 op=-1 fd=84 closed - B1 conn=26 op=-1 fd=82 closed - B1 conn=27 op=-1 fd=83 closed - B1 -- Lars Gunther http://keryx.se/ http://twitter.com/itpastorn/ http://itpastorn.blogspot.com/ -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
