2010-09-14 17:26, Rich Megginson skrev:
I still don't know what you mean by "add posixGroups using the admin tool". If by "admin tool" you mean the 389 GUI console, then right, there is no explicit posix group tab in the Group editor window, but you can use the Advanced... editor to add the posixGroup objectclass to the list of objectclasses.
Yep. That's what I meant. (389-console)
When I click Advanced I see posixGroup stuff not when I click "Show All Allowed Attributes", nor do I sse it as an option when I click the "Add Attribute" button.
What do you mean when you say "Advanced editor"?
Having searched for a while, I've found a way to add posixGroups: Right click -> New -> Other -> posixGroup
They will however be identified in the tree by the gidnimber, not by their cn...
And I still can't log in as the user I've added.
What error do you get? It's always helpful when you have a problem to specify
- the platform and 389-ds-base version
Fedora 13 389 1.2.0
Error message "User does not exist"
- the exact command you used - if by "log in" you mean system login,
I've tried "su" both locally and from a client machine.
also please specify your /etc/ldap.conf settings
[root@lb ~]# cat /etc/ldap.conf|grep -v "#"|sed '/^$/d' base dc=labbnet,dc=ne,dc=keryx,dc=se timelimit 120 bind_timelimit 120 idle_timelimit 3600 nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm,polkituser,rtkit,pulse uri ldaps://127.0.0.1:1636/ ssl no tls_cacertdir /etc/openldap/cacerts pam_password md5
I've changed the port to 1636 since *nix requires the server to run as root for ldaps on a port below 1024...
- the error message and error code you get from the command, if any
- check the directory server access log from around the time of your log
in attempt to see what the directory server logged
/var/log/dirsrv/slapd-lb/errors is silent
/var/log/dirsrv/slapd-lb/access (I've removed the timestamp)
conn=29 op=47 UNBIND conn=29 op=47 fd=85 closed - U1 conn=26 op=77 MOD dn="cn=ResourcePage,ou=1.1,ou=Console,ou=cn\5c=directory manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot" conn=26 op=77 RESULT err=0 tag=103 nentries=0 etime=1 conn=26 op=78 MOD dn="cn=ResourcePage,ou=1.1,ou=Console,ou=cn\5c=directory manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot" conn=26 op=78 RESULT err=0 tag=103 nentries=0 etime=0 conn=26 op=79 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot" conn=26 op=79 RESULT err=0 tag=103 nentries=0 etime=0 conn=26 op=80 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot" conn=26 op=80 RESULT err=0 tag=103 nentries=0 etime=0 conn=26 op=82 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot" conn=26 op=82 RESULT err=0 tag=103 nentries=0 etime=0 conn=26 op=83 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot" conn=26 op=83 RESULT err=0 tag=103 nentries=0 etime=0 conn=28 op=-1 fd=84 closed - B1 conn=26 op=-1 fd=82 closed - B1 conn=27 op=-1 fd=83 closed - B1