Re: [SOLVED] pam_ldap, nss_ldap and rfc2307bis (using member instead of memberUid)

To answer my own question: To get this to work all you need to do is map uniqueMember to member in /etc/libnss-ldap.conf: nss_map_attribute member memberUid 2009/3/12 Martin : > Hi, > > 2009/3/12 Dave Ewart : >> On Wednesday, 11.03.2009 at 22:01 +0100, Martin wrote: >> >>> OK I Managed to

Re: pam_ldap, nss_ldap and rfc2307bis (using member instead of memberUid)

Hi, 2009/3/12 Dave Ewart : > On Wednesday, 11.03.2009 at 22:01 +0100, Martin wrote: > >> OK I Managed to get at least group memberships (somehow working): >> >> # getent group testers users; id john.doe >> testers:*:5001:cn=Dummy,uid=john.doe,ou=People,dc=marcher,dc=name >> users:*:5000:cn=Dummy,u

Re: pam_ldap, nss_ldap and rfc2307bis (using member instead of memberUid)

On Wednesday, 11.03.2009 at 22:01 +0100, Martin wrote: > OK I Managed to get at least group memberships (somehow working): > > # getent group testers users; id john.doe > testers:*:5001:cn=Dummy,uid=john.doe,ou=People,dc=marcher,dc=name > users:*:5000:cn=Dummy,uid=john.doe,ou=People,dc=marcher,dc

Re: pam_ldap, nss_ldap and rfc2307bis (using member instead of memberUid)

OK I Managed to get at least group memberships (somehow working): # getent group testers users; id john.doe testers:*:5001:cn=Dummy,uid=john.doe,ou=People,dc=marcher,dc=name users:*:5000:cn=Dummy,uid=john.doe,ou=People,dc=marcher,dc=name uid=1000(john.doe) gid=5000(users) groups=5000(users) now,

Re: pam_ldap, nss_ldap and rfc2307bis (using member instead of memberUid)

Hi, 2009/3/4 Dave Ewart : > You don't explicitly mention this, so I'll just drop this in here: > typically, you need to set both pam_groupdn and pam_member_attribute in > /etc/pam_ldap.conf i have set that: # egrep -v '^$|^#' /etc/pam_ldap.conf base dc=marcher,dc=name uri ldap://localhost ldap_v

Re: pam_ldap, nss_ldap and rfc2307bis (using member instead of memberUid)

On Wednesday, 04.03.2009 at 09:11 +0100, Martin wrote: > I'd like to use the rfc2307bis schema on our openldap server (I know > it's deleted by IETF). However I can't quite figure out how I could > convince either pam_ldap and/or nss_ldap to accept the group > memberships. All the groups a are fou

pam_ldap, nss_ldap and rfc2307bis (using member instead of memberUid)

Hello, I'd like to use the rfc2307bis schema on our openldap server (I know it's deleted by IETF). However I can't quite figure out how I could convince either pam_ldap and/or nss_ldap to accept the group memberships. All the groups a are found, the users are found but I couldn't figure out what I