[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ispman-users
Subject:    Re: [Ispman-users] ldap group names / how to add them
From:       Joerg Delker <joerg () delker ! de>
Date:       2005-02-20 19:57:59
Message-ID: 4218EBC7.5010000 () delker ! de
[Download RAW message or body]

Andreas,

the missing group name resolution is due to the missing objectclass 
"posixGroup" in the ispmanDomain objects.
LDAP V3 constraints prevents us from simply adding this objectclass to 
the domain entries (for a detailed discussion see the mailarchive).

This problem was already fixed in the upcoming 1.3 version (in CVS 
HEAD), by adding seperate posixGroup entries.

Joerg


Andreas John wrote:
> Hello List!
> 
> I switched to suphp on our apache(s), which requires the group of the 
> xy.php file to exist. With ISPMAN/LDAP there the shell does only expand 
> UIDs to the names. I think that's because there is no attribute for the 
> group's name in the ldap tree. May someone show mercy and add such a 
> attribute? Or could I map the uidName to gidNumber (as workaround) in 
> nssswitch.conf, i.e. the group's name is the same as the user's name?
> 
> As a workaround for now I created a shellscript I want to share with you 
> all:
> 
> -----
> # cat /usr/local/sbin/ispman.ldapaddgroups
> #!/bin/sh
> 
> GROUPLIST=`ldapsearch -P 3 -LLL -s sub -b "o=ispman" -x -LLL -y 
> /etc/ldap.secret -D "cn=Directory Administrator, o=ispman" 
> "objectClass=ispmanVirtualHost" gidNumber | grep gidNumber | sed -e 
> "s/gidNumber: \([0-9]*\)$/\1/g"`
> 
> for i in `echo $GROUPLIST`; do
>  if [ -z `grep ispmangroup$i /etc/group` ]; then
>  echo adding group $i to /etc/group
>  echo "ispmangroup$i:x:$i:" >> /etc/group;
>  fi
> done
> -----
> 
> Make sure that the LDAP access works with ldapsearch this way! Then put 
> the scipt to the crontab ;)
> 
> 
> Best Regards,
> j.
> 


["joerg.vcf" (text/x-vcard)]
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Ispman-users mailing list
Ispman-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ispman-users

[prev in list] [next in list] [prev in thread] [next in thread]