hi all

i am using userdrake to add users and groups to a ldap directory. userdrake 
creates objects of type "GroupOfUniqueNames" to store group membership. there 
it writes the distinguished names (dn) of the users belonging to the group 
into the attribute "uniqueMember". but such a user is never recognized by the 
system as a groupmember of the specific group. i tested this with the "id" 
command.

manually adding the user id's into the attribute "memberUid" resolves this 
problem. it seems that only this attribute is checked during logon to 
recognize group membership.

there should be one of the following to fix this issue:

either
change userdrake in a way, that it also writes "memberUid" not only 
"uniqueMember"
or
fix the authentication process (i don't know... is it nss_ldap?) so that it 
recognizes group membership stored as dn's in "uniqueMember" attribute.

...i would prefer a combination of both ;)

spiderboy
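
An added example (not part of the original post, and not userdrake or nss_ldap code): a check that lists, per group, the users named in "uniqueMember" that have no matching "memberUid" value. The LDIF sample, the dc=example,dc=com names and the assumption that every member DN begins with uid=<login> are constructed for illustration.

```python
# Constructed sample: two groups as the post describes them, one partly fixed by hand.
SAMPLE_LDIF = """\
dn: cn=staff,ou=Group,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: staff
uniqueMember: uid=alice,ou=People,dc=example,dc=com
uniqueMember: uid=bob,ou=People,dc=example,dc=com
memberUid: alice

dn: cn=admins,ou=Group,dc=example,dc=com
objectClass: groupOfUniqueNames
cn: admins
uniqueMember: uid=carol,ou=People,dc=example,dc=com
"""

def parse_ldif(text):
    """Parse simple LDIF (no folded or base64 lines) into {attr: [values]} dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if not line or line.startswith("#"):
                continue
            attr, _, value = line.partition(": ")
            entry.setdefault(attr.lower(), []).append(value)
        if entry:
            entries.append(entry)
    return entries

def uid_from_dn(dn):
    """Return the uid from the first RDN of a DN (assumed uid=<login>), else None."""
    first_rdn = dn.split(",", 1)[0].strip()
    attr, _, value = first_rdn.partition("=")
    return value if attr.strip().lower() == "uid" and value else None

def missing_member_uids(entries):
    """Map group cn -> sorted uids listed in uniqueMember but absent from memberUid."""
    report = {}
    for e in entries:
        wanted = {uid_from_dn(dn) for dn in e.get("uniquemember", [])} - {None}
        gap = sorted(wanted - set(e.get("memberuid", [])))
        if gap:
            report[e["cn"][0]] = gap
    return report

if __name__ == "__main__":
    for group, uids in missing_member_uids(parse_ldif(SAMPLE_LDIF)).items():
        print(f"{group}: no memberUid for {', '.join(uids)}")
```

Run it against an LDIF export of the group subtree; any group it reports holds members that a memberUid-only lookup will not see.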
