
unix groups problem



Hello,

I don't know if I should send this post to this list,
(maybe I should go somewhere in www.padl.com), forgive me if so.

The problem arises when my user belongs to several unix groups.
(config is: linux rh6.2/openldap2.0.11/nss_ldap155/pam_ldap118)
When the user logs in to the system, the 'id' command returns only one
group, corresponding to the attribute 'gidNumber', e.g.:
>uid=501(zyzio) gid=1501(group1) groups=1501(group1)
but the user belongs to 'admins' as well. I cannot switch to that
group ($newgrp admins) without a password, as can usually be done
if the user belongs to that group.

The small part of logfile is as follows:
>Jul  5 13:09:59 mrtg slapd[566]: conn=758 op=4 SRCH
>base="dc=wszib,dc=edu,dc=pl" scope=2
>filter="(&(objectClass=posixGroup)(memberUid=zyzio))"
>Jul  5 13:10:00 mrtg slapd[566]: conn=758 op=4 SEARCH RESULT tag=101
>err=0 text=

This means that the query is OK, and I think that the database entries are correct.
I typed in the shell:
$ ldapsearch '(&(objectclass=posixGroup)(cn=admins))' -b "dc=edu,dc=pl"

and response was:

version: 2

#
# filter: (&(objectclass=posixGroup)(cn=admins))
# requesting: ALL
#

# admins,group,dc=edu,dc=pl
dn: cn=admins,ou=group,dc=edu,dc=pl
cn: admins
gidNumber: 502
objectClass: top
objectClass: groupOfUniqueNames
objectClass: posixGroup
uniqueMember: uid=zyzio,ou=people,dc=edu,dc=pl
memberUid: zyzio

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

The correct group is returned, so what could be wrong?
Does anyone have a working config?
Thanks in advance,
Marcin
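
Added example, not part of the original post: it replays the group search that slapd logged against the entry that ldapsearch returned, using only values quoted in the message. The function names are hypothetical, and the DN and LDIF handling assumes simple values (no escaped commas, no base64, no folded lines).

```python
# Values below are copied from the post: the search slapd logged for the
# group lookup (scope=2, i.e. subtree), and the entry ldapsearch returned.
LOGGED_BASE = "dc=wszib,dc=edu,dc=pl"
LOGGED_USER = "zyzio"
ENTRY_LDIF = """\
dn: cn=admins,ou=group,dc=edu,dc=pl
cn: admins
gidNumber: 502
objectClass: top
objectClass: groupOfUniqueNames
objectClass: posixGroup
uniqueMember: uid=zyzio,ou=people,dc=edu,dc=pl
memberUid: zyzio
"""

def parse_ldif_entry(text):
    """Parse one simple LDIF entry into {attribute (lowercased): [values]}."""
    entry = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue  # skip blank lines and ldapsearch comment lines
        attr, _, value = line.partition(":")
        entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def rdns(dn):
    """Split a simple DN into lowercased, whitespace-trimmed RDNs."""
    return [part.strip().lower() for part in dn.split(",")]

def in_subtree(dn, base):
    """True if dn is the base entry itself or lies anywhere below it."""
    d, b = rdns(dn), rdns(base)
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def matches_group_filter(entry, user):
    """Evaluate (&(objectClass=posixGroup)(memberUid=<user>)) locally."""
    classes = [c.lower() for c in entry.get("objectclass", [])]
    return "posixgroup" in classes and user in entry.get("memberuid", [])

def replay(entry_text, base, user):
    """Report whether the entry satisfies the filter and the search base."""
    entry = parse_ldif_entry(entry_text)
    return {"filter_match": matches_group_filter(entry, user),
            "under_base": in_subtree(entry["dn"][0], base)}

if __name__ == "__main__":
    print(replay(ENTRY_LDIF, LOGGED_BASE, LOGGED_USER))
```

With the values exactly as quoted, the entry satisfies the filter but its DN is not below the base in the logged search, while it is below the "dc=edu,dc=pl" base given to ldapsearch. An err=0 result only says the search completed, so the number of entries returned for the logged base is the thing to compare.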