[Date Prev][Date Next] [Chronological] [Thread] [Top]

/etc/ldap.conf not obeying directives

In /etc/ldap.conf, I added the following line to our administrative
machines (Linux) to only allow members of the admin group to login:

pam_group_dn cn=admin,ou=group,dc=example,dc=com

When I do an 'id djsmith', I see:
uid=1132(djsmith) gid=1000(admin)

And when I do an 'id kurt', I see:
uid=1234(kurt) gid=5000(users)

However, he and I are both able to login, even though he doesn't belong
to the admins group (which does indeed exist in my OpenLDAP diretory).

Any ideas?