01-12-2009
LDAP auth, secondary groups doesnt works
RedHat ELS 5.2 & Sun directory
getent passwd: works
toto:*:1000:100:toto:/home/toto:/bin/bash
getent group: works
mygroup:*:10001:1000,1001
but id toto doesnt works
uid=1000(toto) gid=100(users) groupes=100(users)
BTW in /etc/ldap.conf i use a different mapping for the posix group:
nss_base_group ou=unixGroups,ou=...
Thx for help.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I am running iPlanet 6 on HP-UX 11, and presently all users can access the site.
There are 6000 users accessing the website from an Windows Network. I would like users to access the site, but would also like to log user ID's in the access log, without prompting users for an ID/Password.
Is... (1 Reply)
Discussion started by: shuterj
1 Replies
2. AIX
I'm having a bear of a time getting my LDAP connection going, so I hope someone here has some insight.
I have AIX 5.3 running on an LPAR. I have ldap-client, ldap-max-crypto-client, gskak, and gskte installed. I'm able to set up the connection via mksecldap, and I can query users just fine... (1 Reply)
Discussion started by: AlexDeGruven
1 Replies
3. Solaris
Hello gurus,
I've been working on a sudoers file to work with groups in LDAP. I've created the groups in LDAP and added the users to there respective groups. I've also setup my sudoers file to have the groups match what is in LDAP. And I've added ldap to nsswitch.conf in the group line. The... (6 Replies)
Discussion started by: em23
6 Replies
4. UNIX for Advanced & Expert Users
I am confused in understanding, how ldap authentication works. Anyone has any idea ? I also want to know when you create certificate where does openldap stores certificate information.
$nilesh (1 Reply)
Discussion started by: ynilesh
1 Replies
5. Linux
I´m using LDAP for groups and NFS for home dirs. My problem is as follows:
I only have a few groups, so it's not the problem everyone else had. When I've mounted a disk over NFS, I need to have my primary group in order to read in the groups I'm a member of. Secondary groups is not working.
... (0 Replies)
Discussion started by: velmont
0 Replies
6. AIX
Good day
I am trying to configure Kerberos and LDAP authentication on AIX 5.3 with Windows 2003 R2 but something is not quite right.
When I ran kinit username I get a ticket and I can display it using klist.
When the user login I can see the ticket request on Windows 2003, but the user... (1 Reply)
Discussion started by: mariusb
1 Replies
7. Emergency UNIX and Linux Support
Hi all
We have squid-2.5.STABLE11-3.FC4 running in our environment.
LDAP authentication works fine. Active Directory 2003 Users are prompted to enter credentials every time they access the net. The system works perfectly, but I need to configure Squid to block users in a specific AD group.... (1 Reply)
Discussion started by: wbdevilliers
1 Replies
8. UNIX for Dummies Questions & Answers
i want run query to identify witch groups that user A belong,
CN=name,CN=Users,DC=mydomain ?? (1 Reply)
Discussion started by: prpkrk
1 Replies
9. Solaris
I have configured samba for working
with and external ldap(ad windows2003+openldap backend to obtain the same uid and gid on all linux machines)
On linux works perfect,and i get the same uid for a X user
on all machines.
On solaris11 and hpux 11.31 not
wbinfo -u works fine
wbinfo -g works... (0 Replies)
Discussion started by: Linusolaradm1
0 Replies
10. Gentoo
Hi,
since the upgrade to Gnome 3.6 (now i have 3.8) the authentication over LDAP stops working. The whole machine does not start anymore. The machine boot, but no gdm and no X. I can login, with root, but then the tty hangs. When i look at ttyF12 i see a lot of systemd service the runs random,... (1 Reply)
Discussion started by: darktux
1 Replies
LEARN ABOUT NETBSD
getcap
GETENT(1) BSD General Commands Manual GETENT(1)
NAME
getent -- get entries from administrative databases
SYNOPSIS
getent database [key ...]
getcap database [key ...]
DESCRIPTION
The getent program retrieves and displays entries from the administrative database specified by database, using the lookup order specified in
nsswitch.conf(5). The display format for a given database is as per the ``traditional'' file format for that database.
database may be one of:
Database Display format
disktab entry
ethers address name
gettytab entry
group group:passwd:gid:[member[,member]...]
hosts address name [alias ...]
netgroup (host,user,domain) [...]
networks name network [alias ...]
passwd user:passwd:uid:gid:gecos:home_dir:shell
printcap entry
protocols name protocol [alias ...]
rpc name number [alias ...]
services name port/protocol [alias ...]
shells /path/to/shell
If one or more key arguments are provided, they will be looked up in database using the appropriate function. For example, passwd supports a
numeric UID or user name; hosts supports an IPv4 address, IPv6 address, or host name; and services supports a service name, service name/pro-
tocol name, numeric port, or numeric port/protocol name.
If no key is provided and database supports enumeration, all entries for database will be retrieved using the appropriate enumeration func-
tion and printed.
For cgetcap(3) style databases (disktab, printcap) specifying a key, lists the entry for that key, and specifying more arguments after the
key are used as fields in that key, and only the values of the keys are returned. For boolean keys true is returned if the key is found. If
a key is not found, then false is always returned.
DIAGNOSTICS
getent exits 0 on success, 1 if there was an error in the command syntax, 2 if one of the specified key names was not found in database, or 3
if there is no support for enumeration on database.
SEE ALSO
cgetcap(3), disktab(5), ethers(5), gettytab(5), group(5), hosts(5), networks(5), nsswitch.conf(5), passwd(5), printcap(5), protocols(5),
rpc(5), services(5), shells(5)
HISTORY
A getent command appeared in NetBSD 3.0. It was based on the command of the same name in Solaris and Linux.
BSD
October 11, 2011 BSD