[Fedora-directory-users] group mapping issue

Brandon Young bkyoung at gmail.com
Tue Jan 23 21:20:02 UTC 2007 

I have recently attempted to set up a Fedora Directory Server for
evaluation as a replacement for NIS.  Overall, the set up process was
pretty painless.  I spent some time reading the Installation Guide,
Administrator's Guide, and Deployment Guide beforehand.  Additionally,
I tracked down this wonderful guide
(http://www.csse.uwa.edu.au/~ashley/fedora-ds/fedora-ds-26072006.html)
which seemed like exactly what I needed.

I am trying to (ultimately) set up a directory service which provides
user authentication for Linux and OS X clients.

The problem I have run in to is the following: when I issue the
command `ls`, I see the following:
~$ ls -l
total 1
drwxr-xr-x   2 bky 1676 336 Jan 23 09:12 Desktop
drwxr-xr-x   4 bky 1676 216 Jan 17 10:24 Documents
drwx------  19 bky 1676 544 Jan 22 12:19 Library
drwxr-xr-x   2 bky 1676  48 Jan 17 08:33 Movies
drwxr-xr-x   3 bky 1676  72 Jan 17 09:45 Music
drwxr-xr-x   2 bky 1676  48 Jan 17 08:30 Pictures
drwxrwxr-x   2 bky 1676  96 Dec 20 14:29 bin
drwxrwxr-x   3 bky 1676  72 Dec 20 15:53 svn
drwxr-xr-x   2 bky 1676  48 Jan 17 09:48 vmware
~$


if I issue the 'groups' command for the user, it tells me:

# groups bky
id: cannot find name for group ID 1676
#

So, it seems obvious to me that group mappings are not configured
correctly.  On the client side, I am using a CentOS 4.4 machine,
configured to use ldap using system-config-authentication, and further
tweaking /etc/ldap.conf values for nss_base_passwd, nss_base_shadow,
and nss_base_group.  Further, in digging through the mailing list
archives I found a suggestion to make sure pam_member_attribute was
set to uniqueMember -- which I tried, to no avail.  I also tried
starting nscd which does not fix it (but I didn't really feel like
that was the problem, anyway).

I will further mention here that the ldap-client package is installed
and I have not tried to configure SSL or TLS, yet.

So, with that in mind ... what very obvious thing am I missing?  Has
anyone seen and resolved this issue for themselves?  Any help would be
greatly appreciated.

-- 
Brandon

More information about the Fedora-directory-users mailing list