Date: Tue, 8 Nov 2016 11:00:56 +0300 From: Anthony Pankov <ap00@mail.ru> To: freebsd-hackers@freebsd.org Subject: nss_ldap seems to not work Message-ID: <1644757548.20161108110056@mail.ru>
next in thread | raw e-mail | index | archive | help
Greetings. nss_ldap seems to not work correctly at least at FreeBSD 10.3. Two configurations 1. FreeBSD 9.2 2. FreeBSD 10.3 sharing nss_ldap settings and using the same LDAP tree (DIT) produce different results. At FreeBSD 10.3 nss_ldap can't enumerate supplementary user groups. Example: FreeBSD 9.2: # id user1 ... groups=basegroup,gr1,gr2,gr3 FreeBSD 10.3: # id user1 ... groups=basegroup The effect is inadequate result of initgroups() calling which lead to various side effects with permissions. P.S. Interesting fact. At FreeBSD 10.3 pw utility produce correct result: #pw usershow user1 ... groups=basegroup,gr1,gr2,gr3 -- Best regards, Anthony mailto:ap00@mail.ru
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1644757548.20161108110056>