LDAP and POSIX groups
Hi,
I'm having problems setting up LDAP with POSIX groups. I can see groups
and members with "getent group mygroup", but am not a member after
logging in.
To configure LDAP, I added
nss_base_group ou=Group,dc=example,dc=com?sub
to /etc/libnss-ldap.conf and pam_ldap.conf. This made the "getent"
command work. The LDAP entry for the group looks like this:
dn: cn=mygroup,ou=Group,dc=example,dc=com
objectClass: top
objectClass: posixGroup
cn: mygroup
gidNumber: 1000
memberUid: ansgar
In online documentation, I also read about the object classes
groupOfNames and groupOfUniqueNames, but have no idea how to use them
(only posixGroup seems to have the gidNumber property and all three
classes are structural).
Regards,
Ansgar
--
PGP: 1024D/595FAD19 739E 2D09 0969 BEA9 9797 B055 DDB0 2FF7 595F AD19
Reply to: