Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Solaris LDAP group problem
Operating Systems Solaris Solaris LDAP group problem Post 302894047 by cjhilinski on Sunday 23rd of March 2014 10:41:40 AM
Old 03-23-2014
Solaris LDAP group problem
I have a test environment which is running RedHat 6.5 Identity management. On the lab network are two Solaris 10 (U11) machines. I can successfully log into the S10 machines using the ldap username/passwords. However, I have a problem with groups and although I found through an internet search one person who had the exact same problem back in 2009, there was not solution.

On the S10 machine, the only group listed for a user is his/her primary group. If you do "groups username," it returns only the primary group. If you do "id -a username," it also returns only the primary group. Yet if you do "ldaplist -l group \*" you get the entire list of groups with all of the users. And users only get access to directories for which their primary group has rights.

I suspect this is a small configuration thing (probably in ldap_client_file), but I can't find an answer.
 

9 More Discussions You Might Find Interesting

1. Solaris

entry in /etc/group too long - problem using sudo with %group

hi folks, I've been googling for quite some time, but still can't find anything near it...my problem is the following: for useradministration in our company we are using ssh/sudo, now whenever I try to add users (we have quite a number of users) with useradd -G groupname for secondary group I... (4 Replies)
Discussion started by: poli
4 Replies

2. UNIX for Dummies Questions & Answers

LDAP on Solaris help

Folks; Can any one give me a hand on how to use LDAP for authentication in Solaris to allow all & authenticate all users when login into my Solaris UNIX server. Thanks in advance (3 Replies)
Discussion started by: Katkota
3 Replies

3. Red Hat

Issues with LDAP user/group permissions on NFS share

I can't seem to make sense of this. $ cat /etc/redhat-release Red Hat Enterprise Linux Server release 5.2 Beta (Tikanga) $ $ mount /dev/sda2 on / type ext3 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/sda1 on... (6 Replies)
Discussion started by: dfinn
6 Replies

4. Emergency UNIX and Linux Support

Configure Squid to use LDAP group auth to deny internet access

Hi all We have squid-2.5.STABLE11-3.FC4 running in our environment. LDAP authentication works fine. Active Directory 2003 Users are prompted to enter credentials every time they access the net. The system works perfectly, but I need to configure Squid to block users in a specific AD group.... (1 Reply)
Discussion started by: wbdevilliers
1 Replies

5. UNIX for Dummies Questions & Answers

new to ldap, send email to a ou or group, and see a list from email client

hi, i'm running openldap on ubuntu 10.04, creating new items with apache directory studio (windows version). i use the ldap just as an address book to our small office (email clients are windows live mail 2009, 2011, microsoft outlook 2007 and 2010). a. i cant see a list of the contacts,... (0 Replies)
Discussion started by: V4705
0 Replies

6. UNIX and Linux Applications

LDAP Group query

I need to write LDAP group query where I need to find if a particular user is a member of a 2 specific Groups. This is LDAP Novell edirectory implementation. Below are the details - ================ LDIF entry for OndotAPI group dn: cn=OndotAPI,ou=Groups,o=CNS changetype: add ... (0 Replies)
Discussion started by: jhamaks
0 Replies

7. Web Development

Getting apache to see a LDAP group membership change

trying to implement authz to a webpage using require ldap-group. It works, except I need to do apachectl restart before the server will observe an add or a delete to the group. Seems like apache is acquiring the group membership at startup & caching it. It's a static group. I have apache... (0 Replies)
Discussion started by: maraixadm
0 Replies

8. UNIX for Advanced & Expert Users

AD Group Policy Management and Kerberos / LDAP

Has anyone attempted to define GPO / HBAC policies in Windows Server 2012 that could be respected by Kerberos/LDAP on AIX? I'm looking to associate servers to groups so that when a user part of a group tries to login to a host not associated with that group, it would be denied. This would allow... (3 Replies)
Discussion started by: Devyn
3 Replies

9. UNIX for Beginners Questions & Answers

How install LDAP on a Solaris 10?

Can not find info on how to install on LDAP on a Solaris 10. (0 Replies)
Discussion started by: zbest1966
0 Replies

LEARN ABOUT SUSE

alter_group

ALTER 
GROUP(7)							   SQL Commands 						    ALTER GROUP(7)

NAME

       ALTER GROUP - change role name or membership

SYNOPSIS

       ALTER GROUP groupname ADD USER username [, ... ]
       ALTER GROUP groupname DROP USER username [, ... ]

       ALTER GROUP groupname RENAME TO newname

DESCRIPTION

       ALTER  GROUP  changes  the  attributes  of  a  user group.  This is an obsolete command, though still accepted for backwards compatibility,
       because groups (and users too) have been superseded by the more general concept of roles.

       The first two variants add users to a group or remove them from a group.  (Any role can play the part of either a ``user'' or  a  ``group''
       for  this purpose.) These variants are effectively equivalent to granting or revoking membership in the role named as the ``group''; so the
       preferred way to do this is to use GRANT [grant(7)] or REVOKE [revoke(7)].

       The third variant changes the name of the group. This is exactly equivalent to renaming the role with ALTER ROLE [alter_role(7)].

PARAMETERS

       groupname
	      The name of the group (role) to modify.

       username
	      Users (roles) that are to be added to or removed from the group.	The users must already exist; ALTER GROUP does not create or  drop
	      users.

       newname
	      The new name of the group.

EXAMPLES

       Add users to a group:

       ALTER GROUP staff ADD USER karl, john;

       Remove a user from a group:

       ALTER GROUP workers DROP USER beth;

COMPATIBILITY

       There is no ALTER GROUP statement in the SQL standard.

SEE ALSO

       GRANT [grant(7)], REVOKE [revoke(7)], ALTER ROLE [alter_role(7)]

SQL - Language Statements					    2010-05-14							    ALTER GROUP(7)
All times are GMT -4. The time now is 12:36 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy