03-23-2014
Solaris LDAP group problem
I have a test environment which is running RedHat 6.5 Identity management. On the lab network are two Solaris 10 (U11) machines. I can successfully log into the S10 machines using the ldap username/passwords. However, I have a problem with groups and although I found through an internet search one person who had the exact same problem back in 2009, there was not solution.
On the S10 machine, the only group listed for a user is his/her primary group. If you do "groups username," it returns only the primary group. If you do "id -a username," it also returns only the primary group. Yet if you do "ldaplist -l group \*" you get the entire list of groups with all of the users. And users only get access to directories for which their primary group has rights.
I suspect this is a small configuration thing (probably in ldap_client_file), but I can't find an answer.
9 More Discussions You Might Find Interesting
1. Solaris
hi folks,
I've been googling for quite some time, but still can't find anything near it...my problem is the following:
for useradministration in our company we are using ssh/sudo, now whenever I try to add users (we have quite a number of users) with useradd -G groupname for secondary group I... (4 Replies)
Discussion started by: poli
4 Replies
2. UNIX for Dummies Questions & Answers
Folks;
Can any one give me a hand on how to use LDAP for authentication in Solaris to allow all & authenticate all users when login into my Solaris UNIX server.
Thanks in advance (3 Replies)
Discussion started by: Katkota
3 Replies
3. Red Hat
I can't seem to make sense of this.
$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 5.2 Beta (Tikanga)
$
$ mount
/dev/sda2 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/sda1 on... (6 Replies)
Discussion started by: dfinn
6 Replies
4. Emergency UNIX and Linux Support
Hi all
We have squid-2.5.STABLE11-3.FC4 running in our environment.
LDAP authentication works fine. Active Directory 2003 Users are prompted to enter credentials every time they access the net. The system works perfectly, but I need to configure Squid to block users in a specific AD group.... (1 Reply)
Discussion started by: wbdevilliers
1 Replies
5. UNIX for Dummies Questions & Answers
hi, i'm running openldap on ubuntu 10.04, creating new items with apache directory studio (windows version).
i use the ldap just as an address book to our small office (email clients are windows live mail 2009, 2011, microsoft outlook 2007 and 2010).
a. i cant see a list of the contacts,... (0 Replies)
Discussion started by: V4705
0 Replies
6. UNIX and Linux Applications
I need to write LDAP group query where I need to find if a particular user is a member of a 2 specific Groups. This is LDAP Novell edirectory implementation.
Below are the details -
================
LDIF entry for OndotAPI group
dn: cn=OndotAPI,ou=Groups,o=CNS
changetype: add ... (0 Replies)
Discussion started by: jhamaks
0 Replies
7. Web Development
trying to implement authz to a webpage using require ldap-group. It works, except I need to do apachectl restart before the server will observe an add or a delete to the group.
Seems like apache is acquiring the group membership at startup & caching it.
It's a static group.
I have apache... (0 Replies)
Discussion started by: maraixadm
0 Replies
8. UNIX for Advanced & Expert Users
Has anyone attempted to define GPO / HBAC policies in Windows Server 2012 that could be respected by Kerberos/LDAP on AIX?
I'm looking to associate servers to groups so that when a user part of a group tries to login to a host not associated with that group, it would be denied. This would allow... (3 Replies)
Discussion started by: Devyn
3 Replies
9. UNIX for Beginners Questions & Answers
Can not find info on how to install on LDAP on a Solaris 10. (0 Replies)
Discussion started by: zbest1966
0 Replies
LEARN ABOUT REDHAT
create_group
CREATE
GROUP(7) SQL Commands CREATE GROUP(7)
NAME
CREATE GROUP - define a new user group
SYNOPSIS
CREATE GROUP name [ [ WITH ] option [ ... ] ]
where option can be:
SYSID gid
| USER username [, ...]
INPUTS
name The name of the group.
gid The SYSID clause can be used to choose the PostgreSQL group id of the new group. It is not necessary to do so, however.
If this is not specified, the highest assigned group id plus one, starting at 1, will be used as default.
username
A list of users to include in the group. The users must already exist.
OUTPUTS
CREATE GROUP
Message returned if the command completes successfully.
DESCRIPTION
CREATE GROUP will create a new group in the database installation. Refer to the Administrator's Guide for information about using groups
for authentication. You must be a database superuser to use this command.
Use ALTER GROUP [alter_group(7)] to change a group's membership, and DROP GROUP [drop_group(7)] to remove a group.
USAGE
Create an empty group:
CREATE GROUP staff;
Create a group with members:
CREATE GROUP marketing WITH USER jonathan, david;
COMPATIBILITY
SQL92
There is no CREATE GROUP statement in SQL92. Roles are similar in concept to groups.
SQL - Language Statements 2002-11-22 CREATE GROUP(7)