Alceu Rodrigues de Freitas Junior wrote:
For a matter of studying OpenLDAP, I decided to create a CLI in Golang that is based on the migrationtools (https://gitlab.com/future-ad-laboratory/migrationtools), which is written in Bash and (very old) Perl code.
All the Golang module is available here: https://github.com/glasswalk3r/aprendendo-openldap/tree/main/migration.
After learning about the memberof overlay, I've being wondering if it is possible to use it to maintain the UNIX groups at /etc/group instead of just replicating the same information over an over.
I've tried to find references in the documentation of using PAM and NSCD in the Linux clients for authenticating from a OpenLDAP server, but found nothing regarding those requirements, neither a detailed explanation (without resorting looking into the source code) of how those requests from a Linux client would be sent to OpenLDAP in order to check that.
If any has any pointers on the subject, I would be glad to receive them.
Thanks in advance,
You don't need memberOf to maintain /etc/group info in LDAP.