Hi,
I've configured a user to be a member of another posixGroup as so...

dn: cn=dev2,ou=groups,dc=test,dc=net
cn: dev2
gidNumber: 1003
objectClass: posixGroup
objectClass: top
memberUid: dave

The user's info:

dn: cn=David FooBar,ou=people,dc=test,dc=net
givenName: David
sn: FooBar
cn: David FooBar
uid: dave
userPassword::
uidNumber: 1009
gidNumber: 1004
homeDirectory: /home/dave
loginShell: /bin/bash
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
objectClass: top

If I log into a server with the user's account, it shows him properly a member of gid 1004, but does not list his secondary group of dev2.

My /etc/ldap.conf file is

base dc=test,dc=net
binddn cn=Manager,dc=test,dc=net
bindpw
timelimit 15
bind_timelimit 15
idle_timelimit 3600
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman
pam_filter objectclass=posixaccount
pam_member_attribute memberuid
nss_base_passwd ou=People,dc=test,dc=net?one
nss_base_shadow ou=People,dc=test,dc=net?one
nss_base_group ou=Groups,dc=test,dc=net?one
uri ldaps://prodldap01/ ldaps://prodldap02/
ssl on
tls_cacertdir /etc/openldap/cacerts
tls_checkpeer no
pam_password md5

I also tried changing the value of memberUid to the DN of the user, but that did not work as well. Any suggestions are appreciated. Thanks
- Justin Lintz
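
Added example, not part of the original post: a small offline model of the RFC 2307 supplementary-group lookup (posixGroup entries one level below the nss_base_group base whose memberUid equals the login name), run against the entries from the post. Function names are hypothetical, and DN handling is simplified (no escaped commas, case-insensitive comparison).

```python
# Constructed input: the two entries from the post, trimmed to the
# attributes that matter for group resolution.
LDIF = """\
dn: cn=dev2,ou=groups,dc=test,dc=net
cn: dev2
gidNumber: 1003
objectClass: posixGroup
memberUid: dave

dn: cn=David FooBar,ou=people,dc=test,dc=net
cn: David FooBar
uid: dave
uidNumber: 1009
gidNumber: 1004
objectClass: posixAccount
"""

def parse_ldif(text):
    """Parse simple (unfolded, non-base64) LDIF into a list of dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            attr, _, value = line.partition(": ")
            entry.setdefault(attr.lower(), []).append(value)
        entries.append(entry)
    return entries

def one_level_below(dn, base):
    """True if dn is an immediate child of base (the '?one' scope)."""
    norm = lambda s: ",".join(p.strip().lower() for p in s.split(","))
    _rdn, _, parent = norm(dn).partition(",")
    return parent == norm(base)

def supplementary_gids(entries, uid, group_base):
    """gidNumbers of posixGroup entries under group_base listing uid."""
    gids = []
    for e in entries:
        classes = [c.lower() for c in e.get("objectclass", [])]
        if ("posixgroup" in classes
                and one_level_below(e["dn"][0], group_base)
                and uid in e.get("memberuid", [])):  # memberUid: exact match
            gids.append(int(e["gidnumber"][0]))
    return sorted(gids)

if __name__ == "__main__":
    base = "ou=Groups,dc=test,dc=net"  # nss_base_group from the post
    print(supplementary_gids(parse_ldif(LDIF), "dave", base))
```

For the entries as posted the model returns gid 1003; it returns nothing when memberUid holds the user's DN instead of the login name.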