Hi Sid, Sorry for the delay & Thanks for the information. I'll manage to create groups thru LDAP and make sure nsswitch is reading groups only from LDAP, let me know if that's not the right approach.
Thanks, Daniel On Fri, Feb 7, 2014 at 6:08 PM, Choure, Sidd <[email protected]> wrote: > Are you creating the groups in LDAP as well? It seems that you aren't. > Just get rid of local groups and create the group in LDAP with the same > GID. This will the GID will be consistent across machines. > > > Siddharth Choure > Senior Systems Engineer > > Apartments.com | Apartment Home Living > 175 W Jackson Blvd | Suite 800 | Chicago, IL 60604 > P: (312) 508-6551 | C: (312) 288-1591 > [email protected]<mailto:[email protected]> | www.apartments.com| > www.ApartmentHomeLiving.com > > The First Name in Apartment Search > > > From: Daniel Szortyka <[email protected]<mailto: > [email protected]>> > Date: Fri, 7 Feb 2014 17:47:11 -0200 > To: <[email protected]<mailto: > [email protected]>> > Subject: how to manage groups in different machines using LDAP > > Hey guys, > > I'm new in the forum and new in the LDAP world. > I have my environment set up and working fine so far. > > I have a LDAP server and few other stations which autenticate in my > server, OK so far. > > However, I have applications running exclusively with a special group, > let's say "SAS" and that's my problem. > > Group SAS in MachineA is GID = 501 (/etc/groups) > Group SAS in MachineB is GID = 502 (/etc/groups) > (this was defined some time ago.. every computer has a different GID for > Group SAS) > > UserA was created with GID = 501 in LDAP. > > The problem is that when UserA authenticates in MachineB, he doesn't have > a group assigned. > > > I would like to know which direction I should go to make sure no matter > what computer the user authenticates, he'll get the right group assigned. > > > Tks in advance. > > -Daniel Szortyka > Porto Alegre / RS / Brasil > SysAdm at IBOPE > > > > > Esta mensagem é destinada exclusivamente para a(s) pessoa(s) a quem é > dirigida, podendo conter informação confidencial. Se você não for > destinatário desta mensagem, desde já fica notificado de abster-se a > divulgar, copiar, distribuir, examinar ou, de qualquer forma, utilizar a > informação contida nesta mensagem, por ser ilegal. Caso você tenha recebido > esta mensagem por engano, pedimos que nos retorne este E-Mail, promovendo, > desde logo, a eliminação do seu conteúdo em sua base de dados, registros ou > sistema de controle. > > This message is exclusively destined for the people to whom it is > directed, and it can bear private and/or legally exceptional information. > If you are not addressee of this message, since now you are advised to not > release, copy, distribute, check or, otherwise, use the information > contained in this message, because it is illegal. If you received this > message by mistake, we ask you to return this email, making possible, as > soon as possible, the elimination of its contents of your database, > registrations or controls system. > > Este mensaje ha sido enviado exclusivamente para la(s) persona(s) > destinataria(s) y puede contener información confidencial. Si Usted no es > el destinatario, esta desde ya compelido a no divulgar, copiar, distribuir, > examinar o, de cualquier manera, utilizar la información contenida en este > mensaje, por razones legales. Caso Usted haya recibido este mensaje > equivocadamente, favor contestar al remitente en forma inmediata, > borrándolo de su base de datos, registros o sistema de control. > -- Att, Daniel Szortyka :: Infraestrutura * [email protected] ( 5133823316 -- Esta mensagem é destinada exclusivamente para a(s) pessoa(s) a quem é dirigida, podendo conter informação confidencial. Se você não for destinatário desta mensagem, desde já fica notificado de abster-se a divulgar, copiar, distribuir, examinar ou, de qualquer forma, utilizar a informação contida nesta mensagem, por ser ilegal. Caso você tenha recebido esta mensagem por engano, pedimos que nos retorne este E-Mail, promovendo, desde logo, a eliminação do seu conteúdo em sua base de dados, registros ou sistema de controle. This message is exclusively destined for the people to whom it is directed, and it can bear private and/or legally exceptional information. If you are not addressee of this message, since now you are advised to not release, copy, distribute, check or, otherwise, use the information contained in this message, because it is illegal. If you received this message by mistake, we ask you to return this email, making possible, as soon as possible, the elimination of its contents of your database, registrations or controls system. Este mensaje ha sido enviado exclusivamente para la(s) persona(s) destinataria(s) y puede contener información confidencial. Si Usted no es el destinatario, esta desde ya compelido a no divulgar, copiar, distribuir, examinar o, de cualquier manera, utilizar la información contenida en este mensaje, por razones legales. Caso Usted haya recibido este mensaje equivocadamente, favor contestar al remitente en forma inmediata, borrándolo de su base de datos, registros o sistema de control.
