[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Search for primary group
On 05/23/17 09:17 -0400, Bernard Fay wrote:
Is there a way to find the primary group of a user with ldapsesarch or
other command?
I run OpenLDAP version 2.4.40 on CentOS 7.2 if that matters.
I assume you're asking about unix groups.
Commonly the primary unix group id is stored within the gidNumber
attribute of the user's corresponding DN. You can retrieve the primary
group id with 'getent passwd <user>', or by searching for that attribute.
Refer to your nss documentation (libnss-ldap, nss-pam-ldapd, nssov) for how
to resolve the gidNumber to a group name, or use 'getent group <gidNumber>'.
The first group printed using 'groups <user>' should be the primary group,
but the man page makes no claims of that being true.
--
Dan White