LDAP auth, secondary groups don't work
Post 302275758 by sncr24 on Monday 12th of January 2009 04:39:31 AM

RedHat ELS 5.2 & Sun directory

getent passwd: works

toto:*:1000:100:toto:/home/toto:/bin/bash

getent group: works

mygroup:*:10001:1000,1001

but id toto doesn't work

uid=1000(toto) gid=100(users) groupes=100(users)

BTW in /etc/ldap.conf I use a different mapping for the posix group:
nss_base_group ou=unixGroups,ou=...

Thx for help.
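
An added diagnostic, not part of the original post: the NSS supplementary-group lookup matches a group's member list against the login name, and the getent output above lists mygroup's members as 1000,1001 while toto's UID is 1000. The check below flags group members that are UIDs rather than login names. The function names find_uid_members and demo, the titi passwd line and the users group line are constructed for illustration.

```shell
#!/bin/sh
# Flag group members that are numeric UIDs (or unknown names) instead of logins.
# $1 = file of passwd-format lines, $2 = file of group-format lines,
# for example saved from `getent passwd` and `getent group`.
find_uid_members() {
    awk -F: '
        # First file (passwd): remember login names and map UID -> login.
        NR == FNR { login[$1] = 1; byuid[$3] = $1; next }
        # Second file (group): field 4 is the comma-separated member list.
        {
            n = split($4, m, ",")
            for (i = 1; i <= n; i++) {
                if (m[i] in login) continue      # a real login name: fine
                if (m[i] ~ /^[0-9]+$/ && (m[i] in byuid))
                    printf "%s: member \"%s\" is the UID of login \"%s\"\n", $1, m[i], byuid[m[i]]
                else if (m[i] != "")
                    printf "%s: member \"%s\" matches no login\n", $1, m[i]
            }
        }' "$1" "$2"
}

demo() {
    tmp=$(mktemp -d) || return 1
    # toto and mygroup are the getent lines quoted in the post;
    # titi (UID 1001) and the empty users group are constructed samples.
    printf '%s\n' 'toto:*:1000:100:toto:/home/toto:/bin/bash' \
                  'titi:*:1001:100:titi:/home/titi:/bin/bash' > "$tmp/passwd"
    printf '%s\n' 'mygroup:*:10001:1000,1001' 'users:*:100:' > "$tmp/group"
    find_uid_members "$tmp/passwd" "$tmp/group"
    rm -rf "$tmp"
}

demo
```

A group whose member list holds login names (for example mygroup:*:10001:toto,titi) produces no output from this check.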
 
