<p><br /> In the memberuid attribute you need to put the uid not the uidnumber. In the memberuid attribute replace 496 by user and try again.</p>
<p> </p>
<p>Regards,</p>
<p>Renato.</p>
<blockquote style="border-top: 1px solid #ccc; margin: 0; padding-top: 10px;">Em 02/04/2010 11:53, <strong>Marco Strullato < marco.strullato@gmail.com ></strong> escreveu:<br />I use the memberuid attribute: to be as clear as possible I'll paste<br />here the ldif.<br />I hope it will be useful.<br /><br />This is the ldif of the user<br /><br /># entry-id: 709<br />dn: uid=user,ou=ssh,c=it,o=organisation<br />modifyTimestamp: 20100331104156Z<br />modifiersName: cn=directory manager<br />gidNumber: 601<br />uidNumber: 496<br />cn: user<br />passwordGraceUserTime: 0<br />userPassword: {SHA}TytvRdv..<br />sshPublicKey: ssh-rsa AAAAB3NzaC1yc2..<br />gecos: user<br />homeDirectory: /home/user<br />host: server_hostname<br />loginShell: /bin/bash<br />objectClass: top<br />objectClass: posixaccount<br />objectClass: shadowaccount<br />objectClass: hostobject<br />objectClass: account<br />objectClass: sudorole<br />objectClass: ldappublickey<br />sudoCommand:<br />sudoHost:<
br />sudoOption:<br />sudoRunAs:<br />sudoUser:<br />uid: user<br />creatorsName: cn=directory manager<br />createTimestamp: 20100316092928Z<br />nsUniqueId: 51f09b01-1dd2..<br /><br /><br /><br />These are the ldifs of the groups:<br /><br /># entry-id: 742<br />dn: cn=group2, ou=ssh, c=it, o=organisation<br />modifyTimestamp: 20100331134146Z<br />modifiersName: cn=directory manager<br />memberUid: 496<br />memberUid: 494<br />gidNumber: 600<br />objectClass: top<br />objectClass: posixgroup<br />cn: group2<br />creatorsName: cn=directory manager<br />createTimestamp: 20100331083223Z<br />nsUniqueId: e55dca81-1dd11..<br /><br /><br /><br /># entry-id: 743<br />dn: cn=group1,ou=ssh, c=it, o=organisation<br />gidNumber: 601<br />objectClass: top<br />objectClass: posixgroup<br />cn: group1<br />creatorsName: cn=directory manager<br />modifiersName: cn=directory manager<br />createTimestamp: 20100331083429Z<br />modifyTimestamp: 20100331083429Z<br />nsUniqueId: 2ce45681-1dd2..
<br /><br />2010/4/2 Renato Ribeiro da Silva :<br />> Are you sing the memberuid or the uniquemember attribute in the ldap? What<br />> are the values?<br />><br />><br />><br />> Renato<br />><br />> Em 02/04/2010 11:38, Marco Strullato < marco.strullato@gmail.com > escreveu:<br />> Thanks for the answer but I already disabled nscd...<br />><br />> Marco<br />><br />> 2010/4/2 Renato Ribeiro da Silva :<br />>> Marco,<br />>><br />>> Try to stop the the nscd service. Sometimes it gives you the wrong<br />>> information.<br />>><br />>><br />>><br />>> Regards,<br />>><br />>> Renato<br />>><br />>><br />>><br />>><br />>><br />>> Em 02/04/2010 07:27, Marco Strullato < marco.strullato@gmail.com ><br />>> escreveu:<br />>> Hi all,<br />>> I'm using fedora ds as authentication server for my network. I've<br />>&g
t; configured the environment so that linux gets users and groups<br />>> information from the ldap.<br />>> The problem is that I'm getting incomplete information! groups<br />>> definitions are missing.<br />>><br />>> I'll give you an example: a user has a uid, a primary gid and<br />>> secondary gids. I'm not getting secondary gids.<br />>><br />>> I would like "user" to be member of "group1" and "group2". If I ask<br />>> the ldap with getent I get these information:<br />>><br />>> getent passwd user<br />>> user:x:496:601:user:/home/user:/bin/bash<br />>><br />>> getent group group1<br />>> group1:*:601:<br />>><br />>> getent group group2<br />>> group2:*:600:496,494<br />>><br />>> as you can see user has id 496 and gid 601. user is member also of<br />>> group2 ( gid 600)<br />>><br />>> But if I query the system about the "user"
, I get:<br />>><br />>> id user<br />>> uid=496(user) gid=601(group1) groups=601(group1)<br />>><br />>><br />>> Have you ever seen this behaviour? Have you got suggestions?<br />>><br />>><br />>> Regards,<br />>><br />>> Marco<br />>> --<br />>> 389 users mailing list<br />>> 389-users@lists.fedoraprojec t.org<br />>> https://admin.fedoraproject.org/mailman/listinfo/389-users<br />>><br />>><br />>> --<br />>> 389 users mailing list<br />>> 389-users@lists.fedoraproject.org<br />>> https://admin.fedoraproject.org/mailman/listinfo/389-users<br />>><br />><br />><br />><br />> --<br />> Marco Strullato<br />> cell: +393288462393<br />> skype: marco.strullato<br />> --<br />> 389 users mailing list<br />> 389-users@lists.fedoraproject.org<br />> https://admin.fedoraproject.org/mailman/listinfo/389-users<br />>
<br />><br />> --<br />> 389 users mailing list<br />> 389-users@lists.fedoraproject.org<br />> https://admin.fedoraproject.org/mailman/listinfo/389-users<br />><br /><br /><br /><br />-- <br />Marco Strullato<br />cell: +393288462393<br />skype: marco.strullato<br />--<br />389 users mailing list<br />389-users@lists.fedoraproject.org<br />https://admin.fedoraproject.org/mailman/listinfo/389-users<br /><br /></blockquote>