Johannes Löthberg wrote:
> On 26/10, Giovanni Biscuolo wrote:
>> Dear Dieter thank you so much!
>>
>> * Dieter Klünter [2016-10-26 15:07:13 +0200]:
>>
>> [...]
>>
>>> > memberUid:: IGFyaWFubmE=
>>
>> [...]
>>
>>> > also, on a client machine configured to use libnss-ldapd, if I list
>>> > the groups with "sudo getent group" I can see the "clear text"
>>> > members (e.g. firstuser in the example above) but not the "hashed"
>>> > one; the same using the "members" command
>>
>> to be a little more clear: "getent group" does not show the base64 encoded
>> users (aka listed as "memberUid:: ..." in LDIF)
>
> That sounds more like it's just not enumerating the users properly.
Python 2.7.12 (default, Jun 28 2016, 06:57:42) [GCC] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> 'IGFyaWFubmE='.decode('base64')
' arianna'
IGFyaWFubmE= is simply ' arianna' with space as first character (hence the
base64-encoding of the attribute value in the LDIF output). No wonder why the
group membership of user arianna is not correct. It must match exactly.
Computers are like that.
=> fix the attribute value
Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature