nss_ldap seems to not work
Alexander Nedotsukov
bland at bbnest.net
Tue Nov 8 13:40:25 UTC 2016
Does it help if you add "nss_schema rfc2307” to nss_ldap.config?
> On 8 нояб. 2016 г., at 17:00, Anthony Pankov via freebsd-hackers <freebsd-hackers at freebsd.org> wrote:
>
> Greetings.
>
> nss_ldap seems to not work correctly at least at FreeBSD 10.3.
>
> Two configurations
> 1. FreeBSD 9.2
> 2. FreeBSD 10.3
> sharing nss_ldap settings and using the same LDAP tree (DIT) produce
> different results.
>
> At FreeBSD 10.3 nss_ldap can't enumerate supplementary user
> groups.
>
> Example:
> FreeBSD 9.2:
> # id user1
> ... groups=basegroup,gr1,gr2,gr3
> FreeBSD 10.3:
> # id user1
> ... groups=basegroup
>
> The effect is inadequate result of initgroups() calling which lead to
> various side effects with permissions.
>
> P.S. Interesting fact. At FreeBSD 10.3 pw utility produce correct
> result:
> #pw usershow user1
> ... groups=basegroup,gr1,gr2,gr3
>
> --
> Best regards,
> Anthony mailto:ap00 at mail.ru
>
> _______________________________________________
> freebsd-hackers at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"
More information about the freebsd-hackers
mailing list