[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Search for primary group

To: Bernard Fay <bernard.fay@gmail.com>
Subject: Re: Search for primary group
From: Dan White <dwhite@cafedemocracy.org>
Date: Tue, 23 May 2017 10:16:51 -0500
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <CAH3AE4bJ_UOef86wGbydtqsWG-hjYYt45fpDrgH9W9QZYPR47w@mail.gmail.com>
References: <CAH3AE4bJ_UOef86wGbydtqsWG-hjYYt45fpDrgH9W9QZYPR47w@mail.gmail.com>
User-agent: NeoMutt/20170113 (1.7.2)

On 05/23/17 09:17 -0400, Bernard Fay wrote:

Is there a way to find the primary group of a user with ldapsesarch or
other command?

I run OpenLDAP version 2.4.40 on CentOS 7.2 if that matters.


I assume you're asking about unix groups.

Commonly the primary unix group id is stored within the gidNumber
attribute of the user's corresponding DN. You can retrieve the primary
group id with 'getent passwd <user>', or by searching for that attribute.

Refer to your nss documentation (libnss-ldap, nss-pam-ldapd, nssov) for how
to resolve the gidNumber to a group name, or use 'getent group <gidNumber>'.

The first group printed using 'groups <user>' should be the primary group,
but the man page makes no claims of that being true.

--
Dan White

References:
- Search for primary group
  - From: Bernard Fay <bernard.fay@gmail.com>

Prev by Date: Search for primary group
Next by Date: Can I do this with openldap ?
Index(es):
- Chronological
- Thread