[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: More than one group for each user



On Mon, Jul 28, 2003 at 11:45:25AM -0300, luiz@pucrs.br wrote:
> I have some users that need to belong to more than one group, but I only
> found the "gidNumber" attribute, for the primary group. Is there one
> attribute for the secondary groups? Or the approaching to solve the problem
> is different in LDAP? I´m thinking in UNIX terms...

It's exactly the same in Unix. You have the user's primary group (that's this
gidNumber) which, in unix terms, is in /etc/passwd along with his/her uid.
Then you have the supplementary groups, which are stored in /etc/group. In 
LDAP, these would be, for example, in a Group organizational unit (ou).

What makes them being treat as supplementary groups is not the ou=Group name,
but rather the application which accesses ldap. In this case, you are most
likely dealing with nss_ldap.

> I didn´t understand how to make this using LDAP. :-(

Check the documentation with nss_ldap, the ldap howto (linuxdoc.org probably
has it) and the migration tools package from www.padl.com