Dear all, I''m using FC6 with FDS authentication and running well but can not show groups name only GID when command ''groups'' execute on console. Sometimes we get confuse when we saw some folder not show group name only gid. --- $groups id: cannot find name for group ID 10001 10001 --- Is there any trick how to show group name not gid on konsole. Thanks, Diwa
Normal users don''t have the necessary permissions to do the lookup on LDAP. The authentication process is done usally by root then when you are logged in you can''t do lookups. I''ve documented this here http://www.csse.uwa.edu.au/~ashley/fedora-ds/fedora-ds-26072006.html In Section 3.3 Binding Linux/Unix Machines to LDAPs (way at the bottom) Short story is turn on NSCD, this service binds as root but caches the information for the local user. Usually information you should cache is passwd, group and aliases information which you have to edit /etc/nscd.conf You might want to check this out for NSCD http://www.csse.uwa.edu.au/~ashley/fedora-ds/Fedora%20Miscellaneous%20Problems-23082006.htm Regards Ashley On Wed, 13 Jun 2007, Diwakoe wrote:> Dear all, > > I''m using FC6 with FDS authentication and running well but can not > show groups name only GID when command ''groups'' execute on console. > Sometimes we get confuse when we saw some folder not show group name > only gid. > > --- > $groups > id: cannot find name for group ID 10001 > 10001 > --- > > Is there any trick how to show group name not gid on konsole. > > > Thanks, > Diwa > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > !DSPAM:272,466f7488187291087211254! >-- Ashley Chew - Systems Administrator School of Computer Science and Software Engineering University of Western Australia Tel: (+61 8) 6488 7082 - Fax: (+61 8) 6488 1089 Ashley[@]csse.uwa.edu.au - http://www.csse.uwa.edu.au/~ashley "There is no such thing as Fate, Fate is what you make of it!"
Hi Ashley, Thanks for your docs, but how about directory listing? when root log in and doing command "ls -al" on home folder is showing user name, group and folder. But only user name is show correctly but the group is only gid. ---- drwxr-xr-x 4 JWilliam 10001 4096 Jun 4 14:56 JWilliam --- Regards, Diwa On 6/13/07, ashley <ashley@csse.uwa.edu.au> wrote:> > Normal users don''t have the necessary permissions to do the lookup on > LDAP. > > The authentication process is done usally by root then when you are logged > in you can''t do lookups. > > I''ve documented this here > > http://www.csse.uwa.edu.au/~ashley/fedora-ds/fedora-ds-26072006.html > > In Section 3.3 Binding Linux/Unix Machines to LDAPs > > (way at the bottom) > > Short story is turn on NSCD, this service binds as root but caches the > information for the local user. Usually information you should cache is > passwd, group and aliases information which you have to edit > /etc/nscd.conf > > You might want to check this out for NSCD > > http://www.csse.uwa.edu.au/~ashley/fedora-ds/Fedora%20Miscellaneous%20Problems-23082006.htm > > Regards Ashley >
On your client, if its properly binded you should be able to see your remote mappings ie do this getent passwd getent group And see if the user and groupmember information for that user are there. ashley@gp01:/etc:554> getent group |grep -i ashley motorola:*:32705:ashley acm:*:32071:ashley,luigi Now that only shows that the ldap lookup / binding is working. If it isn''t then something wrong with your binding, if it is then try mapping the group information directly. ie edit /etc/ldap.conf and edit the nss_base_group. The only other place I think of is that you didn''t tell your linux system to used the LDAP lookup information for groups which is specified in /etc/nsswitch.conf For unix there three main files / variables which are passwd, shadow and group. For nsswitch.conf I''ve got lookup local information followed by LDAP information ie in passwd: files ldap shadow: files ldap group: files ldap Thats all I can think of at the moment. Regards Ashley On Wed, 13 Jun 2007, Diwakoe wrote:> Dear all, > > I''m using FC6 with FDS authentication and running well but can not > show groups name only GID when command ''groups'' execute on console. > Sometimes we get confuse when we saw some folder not show group name > only gid. > > --- > $groups > id: cannot find name for group ID 10001 > 10001 > --- > > Is there any trick how to show group name not gid on konsole. > > > Thanks, > Diwa > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > !DSPAM:272,466f7488187291087211254! >-- Ashley Chew - Systems Administrator School of Computer Science and Software Engineering University of Western Australia Tel: (+61 8) 6488 7082 - Fax: (+61 8) 6488 1089 Ashley[@]csse.uwa.edu.au - http://www.csse.uwa.edu.au/~ashley "There is no such thing as Fate, Fate is what you make of it!"
How did you set up LDAP auth? Fedora has a really simple configuration utility (authconfig) that makes it very easy. You should be able to just tell it to use LDAP, point it at your server and base DN (make sure it''s at a level below where both your users and groups arem if they''re in separate contexts), and you''re good to go.> Thanks for your docs, but how about directory listing? when > root log in and doing command "ls -al" on home folder is > showing user name, group and folder. But only user name is > show correctly but the group is only gid. > > ---- > drwxr-xr-x 4 JWilliam 10001 4096 Jun 4 14:56 JWilliam > --- > > Regards, > Diwa
Hi Patrick, The problem is my user group created using management console doesn''t show GID field entry so the GID number entered on user properties is not refer to group (thanks to ashley). I created new group using .ldif file with gid entered same number on user properties imported using management console and the problem is solved. So now I''m looking for hint how to show GID number field on management console when created new user group. Thanks, Diwa On 6/14/07, Morris, Patrick <patrick.morris@hp.com> wrote:> How did you set up LDAP auth? Fedora has a really simple configuration > utility (authconfig) that makes it very easy. You should be able to just > tell it to use LDAP, point it at your server and base DN (make sure it''s > at a level below where both your users and groups arem if they''re in > separate contexts), and you''re good to go. > > > Thanks for your docs, but how about directory listing? when > > root log in and doing command "ls -al" on home folder is > > showing user name, group and folder. But only user name is > > show correctly but the group is only gid. > > > > ---- > > drwxr-xr-x 4 JWilliam 10001 4096 Jun 4 14:56 JWilliam > > --- > > > > Regards, > > Diwa > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >