Le mercredi 19 juillet 2006 à 09:26 -0500, Aleksandar Milivojevic a écrit : > Quoting Adam Tauno Williams <[EMAIL PROTECTED]>: > > >> Are there any recomendations should I use posixGroup or > >> groupOfUniqueNames for new installations? > > > > Neither! Use "groupOfNames"; "groupOfUniqueNames" is not what you think > > it is. > > Hmmm... Interesting, searching via google mostly returned references > suggesting most of the folks out there (and therefore tools they are > using) utilize groupOfUniqueNames. However, I might be wrong. > > Anyhow, if using either groupOfNames or groupOfUniqueNames, how about > gidNumber attribute from posixGroup? I guess nss_ldap is not going to > work without it. What would be the best way to add that attribute? > Other than defining my custom object classes or using extensibleObject > (obviously you do not recommend those two approaches)? >
Not quite. You should have a look at rfc2307bis (obsolete now but a new version in preparation). Here is an old url http://www.padl.com/~lukeh/rfc2307bis.txt I have a copy of draft-howard-rfc2307bis-01.txt from 20 February 2005 if somebody is in the need. There posixGroup is defined as an auxiliary class which can live with groupOfNames (groupOfUniqueNames) as in: dn: cn=aaa,ou=groups,... objectClass: top objectClass: groupOfNames objectClass: posixGroup cn: aaa gidNumber: xxx member: uid=yyy, ... member: ... and nss_ldap will show uid yyy as member of posix group aaa with gid xxx . Its just that rfc2307bis specifies that we should use groupOfUniqueNames as structural class. May be Luke Howard should be asked why it is so. -- Marcel de Riedmatten
signature.asc
Description: Ceci est une partie de message numériquement signée
--- You are currently subscribed to [email protected] as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
