[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: group issues

To: Nadeem Hasan <nhasan@usa.net>
Subject: Re: group issues
From: blair christensen <blair@bsd.uchicago.edu>
Date: Wed, 5 Jul 2000 16:15:04 -0500
Cc: openldap-software@openldap.com
Content-disposition: inline
In-reply-to: <39639F99.F088CFAB@usa.net>; from nhasan@usa.net on Wed, Jul 05, 2000 at 04:50:33PM -0400
References: <20000705152246.C24096@bsd.uchicago.edu> <39639F99.F088CFAB@usa.net>
User-agent: Mutt/1.1.4i

i did in fact try that.  the results weren't quite right.  for
instance, say a person was a member of four groups.  using the method
you suggested, the system acted as though the user was only in two (or
three?) of the of groups, with precedence going to the groups with the
lowest gidnumbers.

blair christensen

On Wed, Jul 05, 2000 at 04:50:33PM -0400, Nadeem Hasan wrote:
> Hi,
> 
> How about using both, like here:
> 
>  dn: cn=group0,ou=group,dc=domain,dc=edu
>  cn: group0
>  gidnumber: 5000
>  objectclass: top
>  objectclass: groupOfNames
>  objectclass: posixGroup
>  memberuid: member0
>  member: uid=member0,ou=people,dc=domain,dc=edu
> 
> 
> blair christensen wrote:
> > 
> > hello,
> > openldap 1.2.10, redhat 6.2 (intel) and solaris 8, pam_ldap v65, and
> > nss_ldap v113.
> > 
> > i am having numerous problems getting groups to work properly for me.
> > 
> > what i would like is to have a group with members specified by full DN
> > that would work with both openldap ACLs and with nss_ldap/pam_ldap for
> > supplementary groups.

References:
- group issues
  - From: blair christensen <blair@bsd.uchicago.edu>
- Re: group issues
  - From: Nadeem Hasan <nhasan@usa.net>

Prev by Date: Re: group issues
Next by Date: Stable updated to OpenLDAP 1.2.11
Index(es):
- Chronological
- Thread