Hi All

I've hit a problem with opendlap and nss_ldap. I have an openldap server
running on a RHEL5 box and, using ldapsearch, I know its contains the data
I put into it and also that the ACLs are correct.

The problem comes on a FC8 machine that is set to do passwd/group/hosts
lookups off it (whilst authenticating using kerberos via our Active
directory). Now, using

getent groups (as any user) I can see all my groups and their members and
that all looks correct. However, the commands id and groups do not report
all a user groups!

for example:
[root@(protected)
eestaff

whilst getent group | grep jo0006 shows all the groups!


Since getent works I suppose that nss_ldap is not broken and
/etc/ldap.conf is ok. Looking at strace on getent followed by groups they
are both accesing the same library and the same config files.

Has anyone seen a similar issue? Looking at tail -f /var/log/ldap.conf I
suspect that the problem is the query sent by id and groups.

Any help appreciated
Regards

John

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@(protected)
https://www.redhat.com/mailman/listinfo/redhat-list