Hey all!
I am migrating NIS to LDAP, but netgroups don't seem to work as expected.
I am trying to installed nss-pam-ldapd on 11.1-RELEASE, and set up uri, base, TLS.
I use getent to get the map, passwd and group work ok, I can get data in LDAP, but
getent netgroup <name> doesn't return anything even if it is a valid name.
If I put a netgroup into /etc/netgroup, it will find that one group.
The enviroment is FreeBSD 11.1-RELEASE, OpenLDAP 2.4
My /etc/nsswitch.conf looks like this:
netgroup's schema in LDAP looks like this:
From what I have been able to read, it might be that netgroups are not really well supported by nsswitch.conf. Is that true?
Help will be greatly appreciated, as this could impact other ways I have always
used netgroups...
Thank you!
I am migrating NIS to LDAP, but netgroups don't seem to work as expected.
I am trying to installed nss-pam-ldapd on 11.1-RELEASE, and set up uri, base, TLS.
I use getent to get the map, passwd and group work ok, I can get data in LDAP, but
getent netgroup <name> doesn't return anything even if it is a valid name.
If I put a netgroup into /etc/netgroup, it will find that one group.
The enviroment is FreeBSD 11.1-RELEASE, OpenLDAP 2.4
My /etc/nsswitch.conf looks like this:
Code:
group: files ldap
hosts: files dns
networks: files ldap
netgroup: ldap
passwd: files ldap
shells: files
services: compat
services_compat: files
protocols: files
rpc: files
netgroup's schema in LDAP looks like this:
Code:
dn: cn=testNetgroup,ou=Netgroup,dc=mydomain,dc=com
objectClass: nisNetgroup
objectClass: top
cn: testNetgroup
nisNetgroupTriple: (,aaa,)
nisNetgroupTriple: (,bbb,)
nisNetgroupTriple: (,ccc,)
From what I have been able to read, it might be that netgroups are not really well supported by nsswitch.conf. Is that true?
Help will be greatly appreciated, as this could impact other ways I have always
used netgroups...
Thank you!