pam_group and nss
Wedgwood, Matthew E
mwedgwood at austin.utexas.edu
Tue Oct 20 14:05:20 UTC 2009
On many systems, you can simply create the group locally and add
members to it in /etc/group. The group memberships will be
concatenated with those in LDAP.
This assumes that "files" appears in your nss config. Something like
this:
passwd files ldap
group files ldap
Be sure that the local group IDs match up with the LDAP groups you're
targeting.
-Matthew
On Oct 20, 2009, at 5:48 AM, "Wilhelm Meier" <wilhelm.meier at fh-kl.de>
wrote:
> Hi all,
>
> we are using pam_group in combination to pam_ldap to give users
> additional group membership like plugdev. This is ok but not for hald,
> since it uses nss to resolve the group membership of a given user.
>
> What is the best way to provide in a system-wide manner the nss-
> service
> with additional group memberships? (We do not have the change to add
> the
> memberships to the ldap directory ...)
>
> --
> Wilhelm
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
More information about the Pam-list
mailing list