24 Feb
2014
24 Feb
'14
11:26 a.m.
Philip Colmer wrote:
Nonsense. nss_ldap, nss-pam-ldapd, and nssov all support RFC2307bis.
Just to clarify, then, are you saying that if I use RFC2307bis so that I can define a group that built from object classes posixGroup and groupOfNames, and I define the membership of that group using the groupOfNames member attribute then a Linux system configured to use LDAP will resolve a user's account name to their full DN for matching against that group? Are nested groups supported?
Yes, of course.
If that is the case, where can I find documentation for this, please?
You should consult the docs of your favourite NSS provider module/demon.
Ciao, Michael.