| 1 |
Hello Everybody! |
| 2 |
|
| 3 |
So decided to adopt nfs4 + rpc + ldap since most of the posts regarding |
| 4 |
bugs I have seen range between 2012-2015, so silly me, safe to come out |
| 5 |
right? wrong..... |
| 6 |
|
| 7 |
Cient ldap user: |
| 8 |
|
| 9 |
# id user1 |
| 10 |
uid=1004(user1) gid=1005(user1) groups=27(sudo),1005(user1) |
| 11 |
|
| 12 |
Server ldap user: |
| 13 |
# id user1 |
| 14 |
uid=1004(user1) gid=1005(user1) groups=27(sudo),1005(user1) |
| 15 |
|
| 16 |
As you can see `nslcd and nscd` are doing their job on the client side. I |
| 17 |
can log in, mount etc.. |
| 18 |
all fine. Except the infamous `everything has permission nobody nogroup` |
| 19 |
|
| 20 |
A few notes: |
| 21 |
|
| 22 |
* The `Domain` attribute is set to the same host in idmapd.conf for both |
| 23 |
client and server |
| 24 |
* If I set Nobody-User = user1 Nobody-Group = user1 everything works as |
| 25 |
expected but this was just a test. |
| 26 |
* If I try to adduser user1 on the client I get an error as expected... |
| 27 |
User exists therefore, users and groups are sync'ed as per ldap and nss... |
| 28 |
|
| 29 |
Question |
| 30 |
|
| 31 |
Can rpc.idmap translate ldap users over nsswitch? When I try to use |
| 32 |
`umich_ldap` as the translator idmapd does not start with `umich_ldap` does |
| 33 |
not exist... |
| 34 |
|
| 35 |
How can I fix this please? :) |
| 36 |
|
| 37 |
Kind Regards, |
| 38 |
|
| 39 |
M |
Archives