I am working on setting up my OpenBSD 5.2 box to connect to my company LDAP
server (Mac OS X 10.8.5 OpenDirectory). I have successfully installed
login_ldap from ports and configured ypldap and the login.conf file such that
I can now authenticate as any of my ldap users. However, when ypldap pulls in
the group membership information from my LDAP server, it appears to be cutting
off the group membership listing at 1024 characters. The end result is that
only about half of my users are actually showing up as members of the
appropriate group(s). I have confirmed this not only by behavior (sftp is not
chrooted for some users even though I have the proper entries to match the
group in sshd_conf), but also by using the userinfo command: userinfo for a
user that shows up in the first 1024 characters of the group membership
listing properly shows the user as a member of the group. userinfo for a user
that does not show up in the first 1024 characters show the user as only being
part of the default group (staff in this case). How can I get ypldap to show
the full member listing?
-----------------------------------------------
Israel Brewster
Computer Support Technician II
Era Alaska
5245 Airport Industrial Rd
Fairbanks, AK 99709
(907) 450-7250 x7293
-----------------------------------------------
