/etc/ldap.conf: uri ldaps://ldap.mydomain.com base dc=mydomain,dc=com binddn cn=user,ou=People,dc=mydomain,dc=com bindpw password bind_policy soft pam_password md5 pam_login_attribute userID pam_groupdn cn=login,ou=Groups,dc=mydomain,dc=com pam_member_attribute member pam_lookup_policy yes tls_checkpeer no ssl on
LDAP login group: dn: cn=login,ou=Group,dc=mydomain,dc=com objectClass: top objectClass: posixGroup cn: login description: login group gidNumber: 100 memberUid: user1 memberUid: user2
The pam_member_attribute must match the LDAP 'attribute' used in the LDAP login groups; memberUid in your case (not member). Simply mistake?
Joe _________________________________________________________________ Hotmail: Trusted email with powerful SPAM protection. http://clk.atdmt.com/GBL/go/177141665/direct/01/