Date: Mon, 25 Feb 2008 21:24:01 +0100 From: "O. Hartmann" <ohartman@mail.zedat.fu-berlin.de> To: freebsd-questions@freebsd.org Subject: OpenLDAP 2.4.8 and FreeBSD/nss_ldap ==>> not working? Message-ID: <47C323E1.7040806@mail.zedat.fu-berlin.de>
next in thread | raw e-mail | index | archive | help
Hello, apart from the fact that OpenLDAP 2.4.8 in conjunction with DB 4.6 ist absolutely BETA as mentioned in their docu, nevertheless I woul like asking about a problem I discovered. Bevor upgrading (I did becauso of the syncrepl-facility) I stopped slapd and dumped its DB via "slapcat -l outfile.ldif" into a secure dumpfile. Then I removed the old DB-files in the database directory. Then I used "slapadd -l outfile.ldif" for restoring the database and after I recompiled everthing dependend on the ldap-client libs (nss_ldap, pam_ldap, pam_mkhomedir, sudo, postgresql), I was able to safely restart slapd. Everything seemed to work on a glimpse, but something was wrong. I've group-objects (ou=groups, POSIX groups) in my DIT with attribute "memberUID=XXXX". With OpenLDAP 2.3.41 'id' shows up a user's UID, GID and membership in additional groups, but with LDAP 2.4.8, only the UID and GID is shown: uid=2002(ohartmann) gid=2002(ohartmann) groups=2002(ohartmann) (OpenLDAP 2.4.8) but it should be uid=2002(ohartmann) gid=2002(ohartmann) groups=2002(ohartmann),512(Domain Admins),513(Domain Users),544(Administrators),2045(development) (2.3.41) Either something in the schemata has changed or something is wrong. I tried to find out via the doku at OpenLDAP.ORG, but can't find any revealing infos. Can anybody help? Regards, Oliver
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47C323E1.7040806>