brendan kearney wrote: > So the OS wont actually recognize the groupOfNames group, but by adding the > posix class and attributes, it can recognize the group name and gid?
The OS needs at least the POSIX-GID. Without it it's not a POSIX group at OS level. You have to fiddle with schema installed at your LDAP server to use the RFC2307bis schema. Note that migrating to this schema might exclude older NSS LDAP clients from using this data. In a former project for maintaining backwards compability I defined a hybrid class for group entries derived from 'posixGroup' and 'groupOfNames' containing 'memberUID' (RFC2307) and 'member' (RFC2307bis) attributes. web2ldap's built-in group admin feature maintains both in sync. Whatever client you're using would have to also do this. Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-users
