[Date Prev][Date Next]
Re: MIT Kerby 5/LDAP integration: Initial success?
On Sunday 07 March 2004 21:49, Kevin wrote:
> Hi All-
> Many thanks to all on this list who've helped me get
> to where I think I am now.
> I'm kind of excited and writing to report what seems
> to be at least an initial success (still have to get
> AFS data worked into this picture), and to ask some
> more questions about how it works and where some
> things are stored (number of failed login attempts).
Also, after logging in as a nonsense user, I checked a
couple of things:
as expected (the contents of the uid field from LDAP)
uid=uidNumber as expected, gid=gidNumber as expected,
but along with the gid (expected) groups is also
showing these two: groups=33838,39880.
I have no idea where these come from. They are not
group numbers from the client's /etc/group file,
they're not in the LDAP Directory. Can anyone tell me
what other sources are consulted in this process and
thus where these group numbers might be coming from?
I do want to create the ability to have a user present
only in the LDAP Directory be able to belong to
multiple groups, and I'm sure that's an option, but
I'm still not sure how to implement it and this might
give me some insight.
What other pieces of data does the login program obtain
from the LDAP Directory (and/or elsewhere)?