[K12OSN] smbldap - adding ldap users to local groups

[Rob Owens]

On Wed, Oct 24, 2007 at 03:13:33PM -0500, Jim Kronebusch wrote:
> > > From a console on the server as root:
> > > 
> > > vigr (this is a vi-based group file editor - it locks the file to
> > > prevent other writes)
> > > 
> > > now append fusers to the fuse group entry. If it is after another entry
> > > for the fuse group, use a comma between the entries.
> > 
> > I tried adding an ldap group to a local group and it did not work properly (it 
> > was as if members of the ldap group were not members of the local group).  
> > Then I tried adding a local group to another local group and that also did not 
> > work (similar results as above).  Is there something special I need to do in 
> > order to allow a group to be a member of another group and have the "child 
> > group" inherit the permissions of the "parent group"?
> > 
> > -Rob
> 
> I had tried the same thing before and could not get this too work.  As you said it acted
> as if the users were not part of the group.  I was only able to get local groups working
> if I mirrored them in the LDAP server as shown in Step 4 of
> www.1-cs.com/ubuntu_ldap_howto.txt.   I then set up Webmin to add all new users to these
> groups.  This is working very well for me.

Yes, I read that document (thanks, by the way).  My only concern is that if I make the GID for the ldap group the same as the GID for the local group, that's only good for one operating system.  The GID-to-groupname for Debian, Ubuntu, and CentOS are not always the same.

Are there any workarounds for this problem?

-Rob