[Bug 227229] Re: LDAP and AD connection problem with hardy
** Changed in: libnss-ldap (Ubuntu) Status: New = Triaged ** Changed in: libnss-ldap (Ubuntu) Importance: Undecided = Low -- LDAP and AD connection problem with hardy https://bugs.launchpad.net/bugs/227229 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 227229] Re: LDAP and AD connection problem with hardy
Indeed, while writing the post, I didn't realize that these are different packages. libnss-ldap - NSS module for using LDAP as a naming service libnss-ldapd - NSS module for using LDAP as a naming service They look very similar, and probably I mixed up the two packages while installing ldap support. Sorry. -- LDAP and AD connection problem with hardy https://bugs.launchpad.net/bugs/227229 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 227229] Re: LDAP and AD connection problem with hardy
Intrepid has a different nss-ldap configuration than hardy. There is a deamon nslcd in the package libnss-ldapd, which has its own config file /etc/nss-ldapd.conf with a different syntax (not compatible to Hardy's /etc/ldap.conf). I use the following filter statement for the groups. I am not an ldap expert, so maybe there is a better one. filter group ((objectClass=group)(msSFU30GidNumber=*)) -- LDAP and AD connection problem with hardy https://bugs.launchpad.net/bugs/227229 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 227229] Re: LDAP and AD connection problem with hardy
slithy, kunzol above is wrong: nss-ldapd is indeed available in 8.04, but it is not default and does not supersede libnss-ldap. It is a completely different package than libnss-ldap (although it fill the same use-case). I understand this bug concern libnss-ldap, not libnss- ldap*d*. -- LDAP and AD connection problem with hardy https://bugs.launchpad.net/bugs/227229 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 227229] Re: LDAP and AD connection problem with hardy
Oh, I didn't realize he was talking about a different package. -- LDAP and AD connection problem with hardy https://bugs.launchpad.net/bugs/227229 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 227229] Re: LDAP and AD connection problem with hardy
I have encountered this bug as well. First I ran into this bug on Hardy, which I built libnss-ldap from source to solve it. Now I'm facing the same problem on Intrepid, so it seems like something is up. Looking at kunzol's fix, I am mapping the msSFU30GidNumber to gid as well and making a filter for the groups worked on Intrepid, but not Hardy. -- LDAP and AD connection problem with hardy https://bugs.launchpad.net/bugs/227229 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 227229] Re: LDAP and AD connection problem with hardy
I confirm this one. The problem is that even thought there is this line in the ldap.conf nss_map_objectclass posixGroup group It will still recognise the AD groups which are not POSIX one's. This will lead it to error with the GID's. I made my work-around with nss_base_group ou=Linux,dc=my,dc=domain,dc=com?one and placed all the POSIX groups under the OU named Linux at the root of our Domain. Another work around is to give all the groups Unix attributes, but in our domain it was impossible because we are a part of a whole lot of bigger forest and we have some cross grouping in the forest. -- LDAP and AD connection problem with hardy https://bugs.launchpad.net/bugs/227229 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs