The final answer is that you must patch upgrade Solaris 10 to see all members of large LDAP groups. I did find out the specific patch that fixes the behavior is the kernel patch. Solaris 10 SPARC kernel patch 120011-17 or above is supposed to fix this. BEWARE: I also found that the newest kernel patch (127127-11) makes printing from LDAP clients all but impossible, see: http://sunsolve.sun.com/search/document.do?assetkey=1-66-241426-1 RCA -- UNIX Administrator, BAE Systems EIT desk 763-572-6684 mobile 612-419-9362 -----Original Message----- From: sunmanagers-bounces@sunmanagers.org [mailto:sunmanagers-bounces@sunmanagers.org] On Behalf Of Anderson, Ryan C (US SSA) Sent: Tuesday, September 30, 2008 3:05 PM To: sunmanagers@sunmanagers.org Subject: LDAP groups with many members + Sol 10 LDAP client I've found that (like NIS) a Solaris 10 update 4 LDAP client can't see groups after they reach too many members. I found out today a Solaris 10 update 5 client can see the groups fine, but all my systems are update 4. The only workaround I've found is to create multiple groups with the same gidNumber and chunk up the members between them. Is there a setting in Solaris to see the groups properly? Any idea on what Sol 10 patch number might fix the behavior? On Sol 10 u4 & u5, I can do: ldaplist -l group verybiggroup But on u4, every other OS utility can't see the group, ie 'getent group verybiggroup', 'groups <member of verybiggroup>'. RCA -- UNIX Administrator, BAE Systems EIT desk 763-572-6684 mobile 612-419-9362 _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Wed Oct 1 13:30:10 2008
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:12 EST