|

»

»

»

uniquemember attribute issue

View: New views

3 Messages — Rating Filter: Alert me

	uniquemember attribute issue by AllBlack :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Some parts of this message have been removed. Learn more about Nabble's security policy. Hi, first time poster here and new to everything nssldap. The ldap.conf file on our RHEL boxes have the following entry nss_map_objectclass posixAccount User nss_map_attribute uid msSFUName nss_map_attribute userPassword msSFUPassword nss_map_attribute homeDirectory msSFUHomeDirectory nss_map_objectclass posixGroup Group nss_map_attribute cn msSFUName nss_map_attribute uniqueMember memberUid In our setup the memberUid in Active directory is not being populated anymore. Everything is pretty much being automated. When a new user is created in a group in the nss_base_group object he will not appear when issueing "getent group groupname" Obviously this is to be expected as the memberUId field is not populated. An LDAP query shows that the user is specified in the Member object. When I change uniqueMember attribute to Member the new user is revealed when issueing "getent group groupname" However, the few users in the group who still have there memberUid set (the way it used to be done) appear twice. Why is that and how can I get unique results from just the member object? Hope it all makes sense Cheers
	Re: uniquemember attribute issue by Dan Am-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi Guy, you need to use "msSFU30posixmember" instead of "memberuid". This does get populated. In this case your nss_ldap needs to be compiled with rfc2307bis support. Best Dan PS: If you plan to migrate to R2 in the not too distant future, watch out, there are migration issues. 2008/3/10, Defryn, Guy <G.P.Defryn@...>: Hi, first time poster here and new to everything nssldap. The ldap.conf file on our RHEL boxes have the following entry nss_map_objectclass posixAccount User nss_map_attribute uid msSFUName nss_map_attribute userPassword msSFUPassword nss_map_attribute homeDirectory msSFUHomeDirectory nss_map_objectclass posixGroup Group nss_map_attribute cn msSFUName nss_map_attribute uniqueMember memberUid In our setup the memberUid in Active directory is not being populated anymore. Everything is pretty much being automated. When a new user is created in a group in the nss_base_group object he will not appear when issueing "getent group groupname" Obviously this is to be expected as the memberUId field is not populated. An LDAP query shows that the user is specified in the Member object. When I change uniqueMember attribute to Member the new user is revealed when issueing "getent group groupname" However, the few users in the group who still have there memberUid set (the way it used to be done) appear twice. Why is that and how can I get unique results from just the member object? Hope it all makes sense Cheers
	Re: uniquemember attribute issue by Dan Am-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi Guy, 2008/3/11, Defryn, Guy <G.P.Defryn@...>: Thank you for the response. I just ran the ADSIedit tool against the group and the attribute is not set in Active Directory. Well, there you go. How are your users being created. AFAIR when you use the Users&Group MMC the msSFU30posixmember field gets used. Not so in R2, R2 goes back to memberUID. Best Dan