Ok I have seen in the logs that usermod uses the member attribute when trying to update supplementary groups of a user, and id uses the memberUid attribute when trying to search info of a user.. how on earth can I use both commands without having to use group entries with both member and memberUids attributes?? BTW I'm using SUSE LES 10 SP2
Saludos,
Oskar Kossuth Administrador UNIX ANTEL Telecomunicaciones
-----Mensaje original----- De: Michael Ströder [mailto:michael@stroeder.com] Enviado el: Wednesday, February 18, 2009 3:15 PM Para: Kossuth Espinosa, Oskar CC: openldap-technical@openldap.org Asunto: Re: Usermod problems with ldap
okossuth@antel.com.uy wrote:
Ok.you are correct, but if I use the rfc2307bis.schema I can have groupofnames as structural and posixgroup as auxiliary to be able to use member and memberUid attributes.
Yes, but you have to maintain both attributes (member sets) separately. With my web2ldap you can do it at once.
Before I was using nis.schema and now I use rfc2307bis.schema and the usermod command worked. But the id command doesn't show groups stored in the ldap that use only the member attribute of a groupofnames group entry... any ideas?
You should look into your logs what the nss_ldap implementation you're using is really looking for.
Ciao, Michael.
El presente correo y cualquier posible archivo adjunto está dirigido únicamente al destinatario del mensaje y contiene información que puede ser confidencial. Si Ud. no es el destinatario correcto por favor notifique al remitente respondiendo anexando este mensaje y elimine inmediatamente el e-mail y los posibles archivos adjuntos al mismo de su sistema. Está prohibida cualquier utilización, difusión o copia de este e-mail por cualquier persona o entidad que no sean las específicas destinatarias del mensaje. ANTEL no acepta ninguna responsabilidad con respecto a cualquier comunicación que haya sido emitida incumpliendo nuestra Política de Seguridad de la Información. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . This e-mail and any attachment is confidential and is intended solely for the addressee(s). If you are not intended recipient please inform the sender immediately, answering this e-mail and delete it as well as the attached files. Any use, circulation or copy of this e-mail by any person or entity that is not the specific addressee(s) is prohibited. ANTEL is not responsible for any communication emitted without respecting our Information Security Policy.