[Fedora-directory-users] getent?

Paul Fontenot wpfontenot at cox.net
Wed Jan 2 22:31:49 UTC 2008 

ldapsearch appears to be fine:

[root at ldap bin]# ./ldapsearch -b "dc=fontenotshome,dc=org"
"objectclass=posixgroup"
version: 1
dn: cn=LinuxAdmins,ou=Groups, dc=fontenotshome,dc=org
objectClass: top
objectClass: groupofuniquenames
objectClass: posixgroup
cn: LinuxAdmins
gidNumber: 750
uniqueMember: uid=fontenwp,ou=People, dc=fontenotshome,dc=org

dn: cn=LinuxUsers,ou=Groups, dc=fontenotshome,dc=org
objectClass: top
objectClass: groupofuniquenames
objectClass: posixgroup
cn: LinuxUsers
gidNumber: 500
uniqueMember: uid=fontenwp,ou=People, dc=fontenotshome,dc=org
[root at ldap bin]# 

and the logs don't show any errors. Does this thing do caching and if so
how can itbe cleared, reset, etc...

On Wed, 2008-01-02 at 17:11 -0500, Satish Chetty wrote:
> Paul,
> 	You can do few things to debug...
> 
> * Check the server log to see what happens...
> * Do the same with ldapsearch and see if you get results. Ex. ldapsearch 
> -h myhost -p 389 -b "dc=example, dc=com" "objectclass=posixgroup" etc...
> * Check /etc/nsswitch.conf to make sure the 'ldap' is included in the 
> search order (if you use authconfig on Linux it will set it for you).
> 
> -Satish.
> 
> Paul Fontenot wrote:
> > Thanks Satish,
> > 
> > I have added all this (including the shadowAccount attribute). getent
> > passwd / shadow work correctly but group still does not. I'm off to find
> > documentation...
> > 
> > Thanks,
> > 
> > -Paul
> > 
> > On Wed, 2008-01-02 at 16:44 -0500, Satish Chetty wrote:
> >> Paul,
> >> 	Go to the group entry. Right click and select 'Advanced properties'. 
> >> Click on objectclass and click 'Add Value'. It should like all 
> >> objectclasses you can add.
> >>
> >> -Satish.
> >>
> >> Paul Fontenot wrote:
> >>> I'm *assuming* you mean somewhere other than here (in the attached png
> >>> file). When I go to create the group and attempt to add the posixgroup
> >>> object class I do not see that option anywhere - lots of other things
> >>> though. I will go back to hunting the information on the fedora site as
> >>> well. 
> >>>
> >>> Thanks for the help,
> >>>
> >>> -Paul
> >>>
> >>> On Wed, 2008-01-02 at 16:27 -0500, Aaron Bliss wrote:
> >>>> Paul,
> >>>> You have to create a group in ldap, then add the posixgroup object
> >>>> class.  If you do this thru the admin console, you will then see a
> >>>> text box appear called gidnumber.  In that box enter whatever gid you
> >>>> wish to use.
> >>>>
> >>>> Aaron
> >>>>
> >>>> Paul Fontenot wrote: 
> >>>>> Thanks Aaron,
> >>>>>
> >>>>> That's what has me stumped, the GID is there (that's the 500). I guess
> >>>>> what has me confused is I can't figure out how to tie that number to a
> >>>>> group and have it show in the getent group query.
> >>>>>
> >>>>> -Paul
> >>>>>
> >>>>> On Wed, 2008-01-02 at 16:11 -0500, Aaron Bliss wrote:
> >>>>>   
> >>>>>> Paul,
> >>>>>> You probably need to assign a gidnumber (posixgroup attribute) to your 
> >>>>>> primary ldap group.  I've noticed that linux boxes only recognize group 
> >>>>>> memberships for groups that have gid's.
> >>>>>>
> >>>>>> Aaron
> >>>>>>
> >>>>>> Paul Fontenot wrote:
> >>>>>>     
> >>>>>>> Hi,
> >>>>>>>
> >>>>>>> I've searched hi and low and found a couple references to the problem I
> >>>>>>> have but no solutions. 
> >>>>>>>
> >>>>>>> If I issue 'getent passwd' I can see all the ldap users, if I issue a
> >>>>>>> getent group I cannot see any of the ldap groups. When I log into one of
> >>>>>>> my linux boxes I get 'id: cannot find name for group ID 500' (500 is an
> >>>>>>> ldap group).
> >>>>>>>
> >>>>>>> What would cause this issue? I've been beating my head against it for a
> >>>>>>> couple days and decided to turn to the experts.
> >>>>>>>
> >>>>>>> Thanks,
> >>>>>>>
> >>>>>>> Paul
> >>>>>>>
> >>>>>>>
> >>>>>>> --
> >>>>>>> Fedora-directory-users mailing list
> >>>>>>> Fedora-directory-users at redhat.com
> >>>>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>>>>>>   
> >>>>>>>       
> >>>>> --
> >>>>> Fedora-directory-users mailing list
> >>>>> Fedora-directory-users at redhat.com
> >>>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>>>>   
> >>>> -- 
> >>>> Aaron Bliss
> >>>> Systems Administrator
> >>>> SUNY Brockport
> >>>> (585) 395-2417
> >>>> --
> >>>> Fedora-directory-users mailing list
> >>>> Fedora-directory-users at redhat.com
> >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >>>>
> >>>> ------------------------------------------------------------------------
> >>>>
> >>>>
> >>>> ------------------------------------------------------------------------
> >>>>
> >>>> --
> >>>> Fedora-directory-users mailing list
> >>>> Fedora-directory-users at redhat.com
> >>>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> >> --
> >> Fedora-directory-users mailing list
> >> Fedora-directory-users at redhat.com
> >> https://www.redhat.com/mailman/listinfo/fedora-directory-users
> > 
> > --
> > Fedora-directory-users mailing list
> > Fedora-directory-users at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-directory-users
> > 
> 
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users

More information about the Fedora-directory-users mailing list