RHEL5 RedHat/Fedora Linux Using netgroups with LDAP (nss_ldap)

There is an excellent tutorial on using LDAP for netgroup enumeration. Most of the changes are obvious, but one thing may trip you up. First you add a netgroup to your directory: # example, netgroup, narrabilis.com dn: cn=example,ou=netgroup,dc=narrabilis,dc=com description: Narrabilis Workstations nisNetgroupTriple: (nash,,) nisNetgroupTriple: (dreamhost,,) nisNetgroupTriple: {ramblings,,) cn: example objectClass: top objectClass: nisnetgroup
Next you add ldap to the netgroup line of nsswitch.conf netgroup: files ldap Now for optimization you should add nss_base_netgroup to your ldap.conf (optional) nss_base_netgroup ou=netgroup,dc=narrabilis,dc=com ok, you've done all that, it should work just fine right? But it doesn't. :-(
The quirky thing is that you must set a NISDOMAIN in /etc/sysconfig/network NISDOMAIN=huh It doesn't matter what you set it to either, but it must be set. Very lame. But, it should work now, go figure.

Comments

Add new comment

CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

About the Author...

Slides from LISA 2019 Linux systems troubleshooting #LISA2019 https://t.co/D4dMKflK6R Tue Oct 29 05:59:30 +0000 2019

https://t.co/AGeihMALAv configuring grub2 with EFI Fri Sep 13 05:20:01 +0000 2019

I published a Thing on @thingiverse! https://t.co/IYpRyEb7Hz #thingalert Tue Jul 23 19:27:57 +0000 2019

Nokogiri install on MacOSX https://t.co/v3An0miW9L Fri Jul 12 15:06:49 +0000 2019

HTML email with plain mailer plugin on Jenkins https://t.co/Z6FSDMDjy8 Thu Jul 11 21:07:25 +0000 2019