Comments (10)
jaqx0r
commented on August 19, 2024
Comment #1 originally posted by jaqx0r on 2014-10-20T04:32:15.000Z:
I see you have rfc2370bis = 1 in the config; does that actually work?
from nsscache.
jaqx0r
commented on August 19, 2024
Comment #2 originally posted by jaqx0r on 2014-10-20T04:42:26.000Z:
It seems that if the patch in # 8 was included, then there's no groups support for 2307bis (yet)
from nsscache.
jaqx0r
commented on August 19, 2024
Comment #3 originally posted by jaqx0r on 2014-10-20T05:09:45.000Z:
I think this is working as unintended -- nsscache doesn't support rfc2307bis out of the box, but this shold be fixed soon.
from nsscache.
jaqx0r
commented on August 19, 2024
Comment #4 originally posted by jaqx0r on 2014-10-20T05:10:22.000Z:
Fixed in github master.
from nsscache.
oregszun
commented on August 19, 2024
Hello,
I have just checked out the master branch and built nsscache, and the issue mentioned here still persists!
The /etc/group.cache lists group members with distinguished name instead of username.
This is the same scenario as the earlier reporter used.
Has not been fixed already?
from nsscache.
jaqx0r
commented on August 19, 2024
Please share your configuration and the command line you used, an example
ldif of one record from LDAP. Also you could enable debug log output and
see if you can see a suitable error message.
On Thu, 4 Aug 2016, 18:29 oregszun [email protected] wrote:
Hello,
I have just checked out the master branch and built nsscache, and the
issue mentioned here still persists!
The /etc/group.cache lists group members with distinguished name instead
of username.
This is the same scenario as the earlier reporter used.Has not been fixed already?
—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub
#35 (comment), or mute
the thread
https://github.com/notifications/unsubscribe-auth/AC5b-2Oi0uqjoPFh7cfTMGlR-1HDVpmaks5qcaLfgaJpZM4JcdXf
.
from nsscache.
oregszun
commented on August 19, 2024
nsscache.conf
[DEFAULT]
source = ldap
cache = files
maps = passwd, group, shadow, sshkey
timestamp_dir = /var/lib/nsscache
ldap_uri = ldap://w.x.y.z
ldap_base = dc=whatever,dc=com
ldap_filter = (objectclass=posixAccount)
ldap_bind_dn = "cn=Manager,dc=whatever,dc=com"
ldap_bind_password = ******
ldap_rfc2307bis = 0
ldap_rfc2307bis_alt = ?
ldap_debug = 3
nssdb_dir = /var/lib/misc
files_dir = /etc
files_cache_filename_suffix = cache
[passwd]
ldap_base = ou=People,dc=whatever,dc=com
[group]
ldap_base = ou=Groups,dc=whatever,dc=com
ldap_filter = (objectclass=posixGroup)
[shadow]
ldap_base = ou=People,dc=whatever,dc=com
ldap_filter = (objectclass=shadowAccount)
[sshkey]
ldap_base = ou=People,dc=whatever,dc=com
ldap_filter = (objectclass=ldapPublicKey)
from nsscache.
oregszun
commented on August 19, 2024
dn: cn=whatever-ldap,ou=Groups,dc=whatever,dc=com
objectClass: posixGroup
cn: whatever-ldap
gidNumber: 5002
memberUid: uid=user1,ou=People,dc=whatever,dc=com
memberUid: uid=user2,ou=People,dc=whatever,dc=com
memberUid: uid=user3,ou=People,dc=whatever,dc=com
memberUid: uid=user4,ou=People,dc=whatever,dc=com
...
from nsscache.
oregszun
commented on August 19, 2024
ldap_rfc2307bis_alt = 1
[root@build nsscache]# nsscache -v update
INFO:NSSCacheApp:using nss_cache library, version 0.32
INFO:config:Configured maps are: passwd, group, shadow, sshkey
INFO:Update:Updating and verifying passwd cache.
INFO:Update:Updating and verifying passwd cache.
INFO:MapUpdater:Missing previous timestamp, defaulting to a full sync.
INFO:Update:Updating and verifying group cache.
INFO:Update:Updating and verifying group cache.
INFO:MapUpdater:Missing previous timestamp, defaulting to a full sync.
INFO:Update:Updating and verifying shadow cache.
INFO:Update:Updating and verifying shadow cache.
INFO:MapUpdater:Missing previous timestamp, defaulting to a full sync.
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:Update:Updating and verifying sshkey cache.
INFO:Update:Updating and verifying sshkey cache.
INFO:MapUpdater:Missing previous timestamp, defaulting to a full sync.
INFO:NSSCacheApp:Exiting nsscache with value 0 runtime 0.070000
[root@build ~]# head -n 1 /etc/group.cache
whatever-ldap:*:5002:
[root@build ~]#
No members at all.
from nsscache.
oregszun
commented on August 19, 2024
ldap_rfc2307bis_alt = 0
[root@build nsscache]# nsscache -v update
INFO:NSSCacheApp:using nss_cache library, version 0.32
INFO:config:Configured maps are: passwd, group, shadow, sshkey
INFO:Update:Updating and verifying passwd cache.
INFO:Update:Updating and verifying passwd cache.
INFO:MapUpdater:Missing previous timestamp, defaulting to a full sync.
INFO:Update:Updating and verifying group cache.
INFO:Update:Updating and verifying group cache.
INFO:MapUpdater:Missing previous timestamp, defaulting to a full sync.
INFO:Update:Updating and verifying shadow cache.
INFO:Update:Updating and verifying shadow cache.
INFO:MapUpdater:Missing previous timestamp, defaulting to a full sync.
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:root:Ignored password that was not in crypt format
INFO:Update:Updating and verifying sshkey cache.
INFO:Update:Updating and verifying sshkey cache.
INFO:MapUpdater:Missing previous timestamp, defaulting to a full sync.
INFO:NSSCacheApp:Exiting nsscache with value 0 runtime 0.080000
[root@build ~]# head -n 1 /etc/group.cache
whatever-ldap:*:5002:uid=user1,ou=People,dc=whatever,dc=com,uid=user2,ou=People,dc=whatever,dc=com,uid=user3...
DN showed as member.
from nsscache.
Related Issues (20)
- nsscache doesn't map all members of a group HOT 2
- reformat by removing error E713 for membership test HOT 7
- ShadowExpire == -1 HOT 1
- sshkey map fails to import HOT 4
- Not all LDAP servers provide LastModification Dates
- bsddb3 is deprecated HOT 3
- `uidattr` ignored when writing out groups
- mox3 archived & deprecated upstream, please update tests to not use it HOT 3
- Does not work offline. HOT 6
- Question: Merge groups with the same ids
- Add support for GCS source HOT 1
- skip the unexcepted line in the cache file
- Please support nested groups HOT 11
- Tagging of versions HOT 3
- nsscache doesn't update group cache from ldap source HOT 7
- ConfigParser.NoSectionError: No section: 'suffix' with nsscache >= 0.36 HOT 2
- configure nsscache with samba4 active directory HOT 31
- is nsscache python3 compatible? HOT 25
- Get integration tests running in CI HOT 37
- Properly define byte vs string types in source and cache api boundaries
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nsscache.