On Sun, 2008-11-02 at 15:48 +0100, Ansgar Burchardt wrote: > > I'm having problems setting up LDAP with POSIX groups. I can see groups > and members with "getent group mygroup", but am not a member after > logging in. > > To configure LDAP, I added > > nss_base_group ou=Group,dc=example,dc=com?sub > > to /etc/libnss-ldap.conf and pam_ldap.conf. This made the "getent" > command work. The LDAP entry for the group looks like this: > > dn: cn=mygroup,ou=Group,dc=example,dc=com > objectClass: top > objectClass: posixGroup > cn: mygroup > gidNumber: 1000 > memberUid: ansgar > > In online documentation, I also read about the object classes > groupOfNames and groupOfUniqueNames, but have no idea how to use them > (only posixGroup seems to have the gidNumber property and all three > classes are structural).
The ldap documentation is very rare. Have you modified you nsswitch.conf? Regards Frank -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
