Paul,
You can do few things to debug...
* Check the server log to see what happens...
* Do the same with ldapsearch and see if you get results. Ex. ldapsearch
-h myhost -p 389 -b "dc=example, dc=com" "objectclass=posixgroup"
etc...
* Check /etc/nsswitch.conf to make sure the 'ldap' is included in the
search order (if you use authconfig on Linux it will set it for you).
-Satish.
Paul Fontenot wrote:
Thanks Satish,
I have added all this (including the shadowAccount attribute). getent
passwd / shadow work correctly but group still does not. I'm off to find
documentation...
Thanks,
-Paul
On Wed, 2008-01-02 at 16:44 -0500, Satish Chetty wrote:
> Paul,
> Go to the group entry. Right click and select 'Advanced properties'.
> Click on objectclass and click 'Add Value'. It should like all
> objectclasses you can add.
>
> -Satish.
>
> Paul Fontenot wrote:
>> I'm *assuming* you mean somewhere other than here (in the attached png
>> file). When I go to create the group and attempt to add the posixgroup
>> object class I do not see that option anywhere - lots of other things
>> though. I will go back to hunting the information on the fedora site as
>> well.
>>
>> Thanks for the help,
>>
>> -Paul
>>
>> On Wed, 2008-01-02 at 16:27 -0500, Aaron Bliss wrote:
>>> Paul,
>>> You have to create a group in ldap, then add the posixgroup object
>>> class. If you do this thru the admin console, you will then see a
>>> text box appear called gidnumber. In that box enter whatever gid you
>>> wish to use.
>>>
>>> Aaron
>>>
>>> Paul Fontenot wrote:
>>>> Thanks Aaron,
>>>>
>>>> That's what has me stumped, the GID is there (that's the 500). I
guess
>>>> what has me confused is I can't figure out how to tie that number to
a
>>>> group and have it show in the getent group query.
>>>>
>>>> -Paul
>>>>
>>>> On Wed, 2008-01-02 at 16:11 -0500, Aaron Bliss wrote:
>>>>
>>>>> Paul,
>>>>> You probably need to assign a gidnumber (posixgroup attribute) to
your
>>>>> primary ldap group. I've noticed that linux boxes only recognize
group
>>>>> memberships for groups that have gid's.
>>>>>
>>>>> Aaron
>>>>>
>>>>> Paul Fontenot wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I've searched hi and low and found a couple references to the
problem I
>>>>>> have but no solutions.
>>>>>>
>>>>>> If I issue 'getent passwd' I can see all the ldap users,
if I issue a
>>>>>> getent group I cannot see any of the ldap groups. When I log into
one of
>>>>>> my linux boxes I get 'id: cannot find name for group ID
500' (500 is an
>>>>>> ldap group).
>>>>>>
>>>>>> What would cause this issue? I've been beating my head
against it for a
>>>>>> couple days and decided to turn to the experts.
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> Paul
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Fedora-directory-users mailing list
>>>>>> Fedora-directory-users(a)redhat.com
>>>>>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>>>
>>>>>>
>>>> --
>>>> Fedora-directory-users mailing list
>>>> Fedora-directory-users(a)redhat.com
>>>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>>
>>> --
>>> Aaron Bliss
>>> Systems Administrator
>>> SUNY Brockport
>>> (585) 395-2417
>>> --
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users(a)redhat.com
>>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
>>> ------------------------------------------------------------------------
>>>
>>>
>>> ------------------------------------------------------------------------
>>>
>>> --
>>> Fedora-directory-users mailing list
>>> Fedora-directory-users(a)redhat.com
>>>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
> --
> Fedora-directory-users mailing list
> Fedora-directory-users(a)redhat.com
>
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Fedora-directory-users mailing list
Fedora-directory-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users