getent / group / LDAP problem

Ryan Golhar golharam at umdnj.edu
Wed May 28 17:51:50 UTC 2008


Hi all,

I have RHEL 5 running as an LDAP server, and am trying to configure a 
second server to mimic the first one.  I have created multiple groups in 
LDAP and assigned various users to these groups.  On the second server, 
running 'id' from the shell doesn't show those secondary groups.

I thought there might be something wrong with nsswitch.conf, but 'getent 
group' is reporting the secondary groups and the users but with an 'x' in 
the second field:

users:x:500:user1,user2,user3

whereas on the first server, I see:

users:*:500:user1,user2,user3

Why the difference in the second field?

'id' doesn't report the secondary groups either.  'id' on the first LDAP 
server shows something like:

uid=501(golharam) gid=501(sansuser) groups=500(users),501(sansuser),85(cvs) context=user_u:system_r:unconfined_t

On the second LDAP server, I get:

uid=501(golharam) gid=500(users) groups=500(users) context=user_u:system_r:unconfined_t

There should be a second group as 'cvs' with gid=85.   Does anyone know 
why I wouldn't see secondary groups in my second LDAP server?

