1 Reply Latest reply: Mar 24, 2011 3:22 PM by 850179

    Solaris 10 Native Client with RHDS and uniqueMember used for posixGroups.

    807573
      I am using Red Hat Directory Server (RHDS), which is using the password
      sync module to AD. My groups come over from AD as a groupOfUniqueNames
      with each member listed as a uniqueMember with their full DN. I then
      add via a script the posixGroup ObjectClass and a gidNumber for the
      group.

      Just got a Solaris 10 box added to the environment. I have
      configured it to bind via a proxy account and I am using TLS. The
      problem I am having is that I cannot get the client to recognize any
      members in any of the groups. The only way it will work is if I go add
      the users as a memberUid entry. This defeats the purpose of having it
      sync the information between AD and RHDS.

      Is there any way to get the
      Solaris 10 Native LDAP client to use uniqueMember (with the user's full DN)
      instead of memberUID (with the user's uid only)?
        • 1. Re: Solaris 10 Native Client with RHDS and uniqueMember used for posixGroups.
          850179
          The only way I've gotten this to work is to use memberUid, because Linux clients can understand either uniqueMember or memberUid, whereas Solaris will only understand memberUid. You have to do an attribute map on the Linux system's /etc/ldap.conf also: nss_map_attribute uniqueMember memberUid

          To enjoy the advantages of the sync you get, you'd have to write a custom script that converts uniqueMember to memberUid.

          Edited by: 847176 on Mar 24, 2011 1:21 PM
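
A sketch of the uniqueMember-to-memberUid conversion script suggested in the reply above, as an added example that is not code from either poster. It assumes each member's login name is the `uid=` value of the first RDN of the DN (the thread does not say how the user DNs are built), and all group and user names in the sample are constructed.

```python
import base64
import re

# Constructed sample input in the shape of `ldapsearch -LLL` output (names are made up).
_B64_DN = base64.b64encode(b"uid=blee,ou=People,dc=example,dc=com").decode()
SAMPLE_LDIF = f"""\
dn: cn=unixadmins,ou=Groups,dc=example,dc=com
objectClass: groupOfUniqueNames
objectClass: posixGroup
uniqueMember: uid=jdoe,ou=People,dc=example,dc=com
uniqueMember:: {_B64_DN}
uniqueMember: cn=Service Account,ou=People,dc=example,dc=
 com
memberUid: olduser

dn: cn=mailonly,ou=Groups,dc=example,dc=com
objectClass: groupOfUniqueNames
uniqueMember: uid=jdoe,ou=People,dc=example,dc=com
"""

# Assumption: the user's login name is the uid= value of the first RDN.
UID_RDN = re.compile(r"uid=([a-z_][a-z0-9_.-]{0,31})(?:,|$)", re.I)

def parse_entries(ldif):
    """Minimal LDIF reader: unfolds continuation lines, decodes '::' base64 values."""
    entries = []
    for block in re.sub(r"\n ", "", ldif).strip().split("\n\n"):
        entry = {}
        for attr, sep, val in re.findall(r"^([\w;-]+)(::?) ?(.*)$", block, re.M):
            val = base64.b64decode(val).decode("utf-8") if sep == "::" else val
            entry.setdefault(attr.lower(), []).append(val)
        entries.append(entry)
    return entries

def memberuid_ldif(ldif):
    """Return (ldapmodify LDIF, skipped DNs) for every posixGroup entry."""
    changes, skipped = [], []
    for e in parse_entries(ldif):
        if "posixgroup" not in (c.lower() for c in e.get("objectclass", [])):
            continue
        dns = e.get("uniquemember", [])
        hits = [UID_RDN.match(d.strip()) for d in dns]
        skipped += [d for d, m in zip(dns, hits) if not m]  # reported, never guessed
        uids = list(dict.fromkeys(m.group(1) for m in hits if m))
        # 'replace' also drops memberUid values no longer backed by a uniqueMember
        body = "".join(f"memberUid: {u}\n" for u in uids)
        changes.append(f"dn: {e['dn'][0]}\nchangetype: modify\nreplace: memberUid\n{body}-\n")
    return "\n".join(changes), skipped
```

Because the output uses `replace:` rather than `add:`, a user removed from the group in AD also loses the derived memberUid on the next run, so Solaris clients do not keep honouring a stale membership. DNs in the skipped list need a directory lookup for their uid before they can be mapped.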