Re: pam_group and nss
- Subject: Re: pam_group and nss
- From: "Wedgwood, Matthew E" <mwedgwood@xxxxxxxxxxxxxxxxx>
- Date: Tue, 20 Oct 2009 09:05:20 -0500
- Accept-language: en-US
- Acceptlanguage: en-US
- Cc: Pluggable Authentication Modules <pam-list@xxxxxxxxxx>
- Thread-index: AcpRjl9JgZKKYwW1THeDZjFLu0e8Bg==
- Thread-topic: pam_group and nss
On many systems, you can simply create the group locally and add
members to it in /etc/group. The group memberships will be
concatenated with those in LDAP.
This assumes that "files" appears in your nss config. Something like
this:
passwd files ldap
group files ldap
Be sure that the local group IDs match up with the LDAP groups you're
targeting.
-Matthew
On Oct 20, 2009, at 5:48 AM, "Wilhelm Meier" <wilhelm.meier@xxxxxxxx>
wrote:
> Hi all,
>
> we are using pam_group in combination to pam_ldap to give users
> additional group membership like plugdev. This is ok but not for hald,
> since it uses nss to resolve the group membership of a given user.
>
> What is the best way to provide in a system-wide manner the nss-
> service
> with additional group memberships? (We do not have the change to add
> the
> memberships to the ldap directory ...)
>
> --
> Wilhelm
>
> _______________________________________________
> Pam-list mailing list
> Pam-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/pam-list
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
[Fedora Users]
[Kernel]
[Red Hat Install]
[Linux for the blind]
[Gimp]
