On Wednesday, 04.03.2009 at 09:11 +0100, Martin wrote: > I'd like to use the rfc2307bis schema on our openldap server (I know > it's deleted by IETF). However I can't quite figure out how I could > convince either pam_ldap and/or nss_ldap to accept the group > memberships. All the groups a are found, the users are found but I > couldn't figure out what I need to tell /etc/pam_ldap.conf to accept > the memberships as set in the ldif entries below.
You don't explicitly mention this, so I'll just drop this in here: typically, you need to set both pam_groupdn and pam_member_attribute in /etc/pam_ldap.conf Dave. -- Dave Ewart da...@ceu.ox.ac.uk Computing Manager, Cancer Epidemiology Unit University of Oxford / Cancer Research UK PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370 Get key from http://www.ceu.ox.ac.uk/~davee/davee-ceu-ox-ac-uk.asc N 51.7516, W 1.2152
signature.asc
Description: Digital signature