From owner-freebsd-stable  Tue May 21 16: 3:38 2002
Delivered-To: freebsd-stable@freebsd.org
Received: from mail.codeangels.com (dclient217-162-92-27.hispeed.ch [217.162.92.27])
	by hub.freebsd.org (Postfix) with SMTP id 9CEA237B400
	for <freebsd-stable@FreeBSD.ORG>; Tue, 21 May 2002 16:03:33 -0700 (PDT)
Received: (qmail 23977 invoked from network); 21 May 2002 23:03:32 -0000
Received: from unknown (HELO martinique) (192.168.1.245)
  by dclient217-162-92-27.hispeed.ch with SMTP; 21 May 2002 23:03:32 -0000
Date: Wed, 22 May 2002 01:03:32 +0200
From: Kirill Alder-Ponazdyr <quak@mydiax.ch>
To: Erick Mechler <emechler@techometer.net>
Cc: freebsd-stable@FreeBSD.ORG
Subject: Re: FreeBSD and LDAP Directory
In-Reply-To: <20020521155511.L10179@techometer.net>
References: <20020521222314.3C47D37B40C@hub.freebsd.org>
	<20020521153245.K10179@techometer.net>
	<20020521223735.AA60537B409@hub.freebsd.org>
	<20020521155511.L10179@techometer.net>
X-Mailer: Sylpheed version 0.7.5 (GTK+ 1.2.10; mips-sgi-irix6.5)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-Id: <20020521230333.9CEA237B400@hub.freebsd.org>
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

> :: Not really, pam_ldap does authenticate the user, but I am talking about
> :: retrieving much broader data, such as UID->NAME GID->Groupname Mappings,
> :: services definitions and so on.
> 
> If you just want the ability to look at the data in your directory (sorry
> if I'm misunderstanding again), then gq (http://biot.com/gq/, net/gq) seems
> like it would fit the bill.

Hi,

Indeed, you are missunderstanding :)

I want the OS to be able to query the LDAP directory for the things like:

hosts definitions
services definitions
passwd(users) database
groups database

and so on, thats what nsswitch.conf is for on Solaris and Linux, there I can just say where the OS should look for what stuff.

Basically: If I create a user in LDAP directory with, say a UID of 1000 and a group with GID of 1001, I can logon to FreeBSD when using a pam_ldap, but if I do a ls -l on a directory created by that user, I will always just see 1000:1001 as a owner, not a username and groupname.

Regards

Kirill

-----------------
Kirill Alder-Ponazdyr
SGI / SUN UNIX Consultant
Codeangels Solutions

ICQ  : 7038413
Phone: +41 79 370 89 30
Fax  : +41 1 799 17 56 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message