Hi, all,

On Wed, Feb 24, 2010 at 11:23:11AM +0100, Gerrit Kühn wrote:
> Is anyone here using nss_ldap and can successfully get it to work with
> multiple group memberships? I would really like to get this to work here,
> but I only get the primary group:
>
> penumbra# id gekueh
> uid=1030(gekueh) gid=1012(aei) groups=1012(aei)

[r...@devel ~]$ uname -a
FreeBSD devel.intern.punkt.de 7.2-RELEASE-p6 FreeBSD 7.2-RELEASE-p6 #0: Mon Feb 22 16:17:54 CET 2010 [email protected]:/var/home/nanobsd/obj/dl320-devel/usr/src/sys/GENERIC amd64
[r...@devel ~]$ pkg_info | grep ldap
nss_ldap-1.264_3 RFC 2307 NSS module
openldap-client-2.4.21 Open source LDAP client implementation
pam_ldap-1.8.5 A pam module for authenticating with LDAP
[r...@devel ~]$ id
uid=10093(ry93) gid=10001(intern) groups=10001(intern),0(wheel)

LDAP server is Active Directory on Windows 2003 R2. What precisely do you need?
Ah, heck, I'll just attach my config files right away. nss_ldap.conf is just
a symlink to ldap.conf.

I do not remember where that '?one' came from and what precisely it does.
Voodoo I copied from some obscure "Howto", I figure. I'd appreciate some
feedback on that part ;-)

Best regards, HTH,
Patrick
--
punkt.de GmbH * Kaiserallee 13a * 76133 Karlsruhe
Tel. 0721 9109 0 * Fax 0721 9109 100
[email protected] http://www.punkt.de
Gf: Jürgen Egeling AG Mannheim 108285

#
# nsswitch.conf(5) - name service switch configuration file
# $FreeBSD: src/etc/nsswitch.conf,v 1.1.8.1 2009/04/15 03:14:26 kensmith Exp $
#
group: cache files ldap
hosts: files dns
networks: files
passwd: cache files ldap
shells: files
services: compat
services_compat: nis
protocols: files
rpc: files

uri ldap://pdc.intern.punkt.de
base DC=intern,DC=punkt,DC=de
ldap_version 3
binddn ***
bindpw ***
scope sub
idle_timelimit 60
pam_login_attribute msSFU30Name
pam_filter objectclass=User
pam_password ad
nss_map_objectclass posixAccount User
nss_map_objectclass posixGroup Group
nss_base_passwd ou=Mitarbeiter,dc=intern,dc=punkt,dc=de?one
nss_base_group ou=Unixgruppen,dc=intern,dc=punkt,dc=de?one
nss_map_attribute uid msSFU30Name
nss_map_attribute gecos name
nss_map_attribute userPassword unixUserPassword
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute uniqueMember member
nss_map_attribute cn sAMAccountName
nss_map_attribute uniquemember msSFU30PosixMember
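
An added example, not part of the original post, for the '?one' question: nss_ldap reads each nss_base_<map> value as basedn?scope?filter, so '?one' forces a one-level search (direct children of the base only) for that map and overrides the global 'scope sub'. The function name effective_searches and the last-descriptor-wins simplification are assumptions of this sketch.

```python
# Added example (not from the original post): resolve what each
# nss_base_<map> line in an nss_ldap ldap.conf actually searches.
# SAMPLE_CONF repeats four lines from the attached ldap.conf.
SAMPLE_CONF = """\
base DC=intern,DC=punkt,DC=de
scope sub
nss_base_passwd ou=Mitarbeiter,dc=intern,dc=punkt,dc=de?one
nss_base_group ou=Unixgruppen,dc=intern,dc=punkt,dc=de?one
"""

VALID_SCOPES = {"sub", "one", "base"}
PREFIX = "nss_base_"


def effective_searches(conf_text):
    """Return {map: {"base", "scope", "filter"}} for every nss_base_<map> line."""
    settings = {"base": "", "scope": "sub"}  # subtree is nss_ldap's default scope
    raw_maps = {}
    for raw in conf_text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) != 2 or parts[0].startswith("#"):
            continue  # blank line, comment, or keyword without a value
        key, value = parts[0].lower(), parts[1].strip()
        if key in settings:
            settings[key] = value
        elif key.startswith(PREFIX):
            # Simplification: a repeated map keeps only its last descriptor.
            raw_maps[key[len(PREFIX):]] = value

    result = {}
    for name, value in raw_maps.items():
        # Value syntax: basedn?scope?filter, scope and filter optional.
        base, scope, filt = (value.split("?", 2) + ["", ""])[:3]
        if base.endswith(","):
            base += settings["base"]  # trailing comma: append the global base
        scope = scope or settings["scope"]  # no suffix: inherit global scope
        if scope not in VALID_SCOPES:
            raise ValueError(f"{PREFIX}{name}: unknown scope {scope!r}")
        result[name] = {"base": base, "scope": scope, "filter": filt or None}
    return result


if __name__ == "__main__":
    for name, search in effective_searches(SAMPLE_CONF).items():
        print(name, search)
```

With this configuration, accounts or groups that sit in a sub-OU below ou=Mitarbeiter or ou=Unixgruppen are not returned, because both maps resolve to scope "one".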
