2010-09-14 17:26, Rich Megginson skrev:
I still don't know what you mean by "add posixGroups using
the admin
tool". If by "admin tool" you mean the 389 GUI console, then right,
there is no explicit posix group tab in the Group editor window, but you
can use the Advanced... editor to add the posixGroup objectclass to the
list of objectclasses.
Yep. That's what I meant. (389-console)
When I click Advanced I see posixGroup stuff not when I click "Show All
Allowed Attributes", nor do I sse it as an option when I click the "Add
Attribute" button.
What do you mean when you say "Advanced editor"?
Having searched for a while, I've found a way to add posixGroups:
Right click -> New -> Other -> posixGroup
They will however be identified in the tree by the gidnimber, not by
their cn...
> And I still can't log in as the user I've added.
>
What error do you get? It's always helpful when you have a problem to
specify
* the platform and 389-ds-base version
Fedora 13
389 1.2.0
Error message "User does not exist"
* the exact command you used - if by "log in" you mean
system login,
I've tried "su" both locally and from a client machine.
also please specify your /etc/ldap.conf settings
[root@lb ~]# cat /etc/ldap.conf|grep -v "#"|sed '/^$/d'
base dc=labbnet,dc=ne,dc=keryx,dc=se
timelimit 120
bind_timelimit 120
idle_timelimit 3600
nss_initgroups_ignoreusers
root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman,nscd,gdm,polkituser,rtkit,pulse
uri ldaps://127.0.0.1:1636/
ssl no
tls_cacertdir /etc/openldap/cacerts
pam_password md5
I've changed the port to 1636 since *nix requires the server to run as
root for ldaps on a port below 1024...
* the error message and error code you get from the command, if any
* check the directory server access log from around the time of your log
in attempt to see what the directory server logged
/var/log/dirsrv/slapd-lb/errors is silent
/var/log/dirsrv/slapd-lb/access (I've removed the timestamp)
conn=29 op=47 UNBIND
conn=29 op=47 fd=85 closed - U1
conn=26 op=77 MOD
dn="cn=ResourcePage,ou=1.1,ou=Console,ou=cn\5c=directory
manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot"
conn=26 op=77 RESULT err=0 tag=103 nentries=0 etime=1
conn=26 op=78 MOD
dn="cn=ResourcePage,ou=1.1,ou=Console,ou=cn\5c=directory
manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot"
conn=26 op=78 RESULT err=0 tag=103 nentries=0 etime=0
conn=26 op=79 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory
manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot"
conn=26 op=79 RESULT err=0 tag=103 nentries=0 etime=0
conn=26 op=80 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory
manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot"
conn=26 op=80 RESULT err=0 tag=103 nentries=0 etime=0
conn=26 op=82 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory
manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot"
conn=26 op=82 RESULT err=0 tag=103 nentries=0 etime=0
conn=26 op=83 MOD dn="cn=General,ou=1.1,ou=Console,ou=cn\5c=directory
manager,ou=UserPreferences, ou=labbnet.ne.keryx.se, o=NetscapeRoot"
conn=26 op=83 RESULT err=0 tag=103 nentries=0 etime=0
conn=28 op=-1 fd=84 closed - B1
conn=26 op=-1 fd=82 closed - B1
conn=27 op=-1 fd=83 closed - B1
--
Lars Gunther
http://keryx.se/
http://twitter.com/itpastorn/
http://itpastorn.blogspot.com/