On Dec 11, 2006, at 3:45 PM, Brian LaMere wrote:
Problem is getting nss_ldap to actually aquire user info -
especially minor
details like UID and GID. I've been workin at this silly task for
too long
now; anyone on the list have a line on a /etc/ldap.conf that will
*actually
work* with nss_ldap?
I'm not in front of anything that can give me specifics, but you
_did_ go through the /etc/ldap.conf and double check the attribute
mappings, right?
The nss_ldap ldap.conf allows you to map the Unix attribute names to
whatever attribute names you really use in the LDAP database.
In fact, just checking the config file we use, there's a nice comment
block provided by the RHEL (and presumably fedora) packages for
nss_ldap:
# Services for UNIX 3.5 mappings
#nss_map_objectclass posixAccount User
#nss_map_objectclass shadowAccount User
#nss_map_attribute uid msSFU30Name
#nss_map_attribute uniqueMember msSFU30PosixMember
#nss_map_attribute userPassword msSFU30Password
#nss_map_attribute homeDirectory msSFU30HomeDirectory
#nss_map_attribute homeDirectory msSFUHomeDirectory
#nss_map_objectclass posixGroup Group
#pam_login_attribute msSFU30Name
#pam_filter objectclass=User
#pam_password ad
You may need to specify additional mappings for uidNumber and
gidNumber, unless those attributes are already provided by MS SFU.
Gregory
--
Gregory K. Ruiz-Ade <[EMAIL PROTECTED]>
OpenPGP Key ID: EAF4844B keyserver: pgpkeys.mit.edu
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
