Hi all, netgroups are indeed working with LDAP. A wrong attribute was the cause of our problems. Our LDAP entry looked like this: dn: cn=sodom,ou=netgroup,dc=informatik,dc=uni-kiel,dc=de cn: sodom nisNetgroupTriple: (-,ingres,) nisNetgroupTriple: (-,tomcat,) nisNetgroupTriple: rbg <----- objectClass: top objectClass: nisNetgroup A correct entry has to be dn: cn=sodom,ou=netgroup,dc=informatik,dc=uni-kiel,dc=de cn: sodom nisNetgroupTriple: (-,ingres,) nisNetgroupTriple: (-,tomcat,) memberNisNetgroup: rbg <----- objectClass: top objectClass: nisNetgroup Thanks to Tim Wright for finding the bug. After correcting this I could login fine and the ldap logfiles shows recursive requests as expected. My apologies to Milan Jurik thinking his code could have a bug :-)) The lesson learned (again) is always look twice and then ask somebody else to look too. Btw. ldapaddent only works on a configured ldap client. This is not the case for our main nameserver. So I had to write something myself. Always error-prone :-() Thanks to all for the assistance, especially: From: Rob De Langhe <rob.de.langhe@twistfare.be> From: Rachel Polanskis <grove@zeta.org.au> From: Sal Serafino <serafino@cshl.edu> From: Milan Jurik <milan.jurik@oracle.com> From: Tim Wright <tim.dormouse@gmail.com> Greetings Willi _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Fri Aug 12 00:49:27 2011
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:18 EST