» RHEL5 RedHat/Fedora Linux Using netgroups with LDAP (nss_ldap)

RHEL5 RedHat/Fedora Linux Using netgroups with LDAP (nss_ldap)

There is an excellent tutorial on using LDAP for netgroup enumeration. Most of the changes are obvious, but one thing may trip you up. First you add a netgroup to your directory:



# example, netgroup, narrabilis.com

dn: cn=example,ou=netgroup,dc=narrabilis,dc=com

description: Narrabilis Workstations

nisNetgroupTriple: (nash,,)

nisNetgroupTriple: (dreamhost,,)

nisNetgroupTriple: {ramblings,,)

cn: example

objectClass: top

objectClass: nisnetgroup

Next you add ldap to the netgroup line of nsswitch.conf



netgroup: files ldap

Now for optimization you should add nss_base_netgroup to your ldap.conf (optional)



nss_base_netgroup ou=netgroup,dc=narrabilis,dc=com

ok, you’ve done all that, it should work just fine right? But it doesn’t. :-(
The quirky thing is that you must set a NISDOMAIN in /etc/sysconfig/network



NISDOMAIN=huh

It doesn’t matter what you set it to either, but it must be set. Very lame. But, it should work now, go figure.

This entry was posted on Friday, January 25th, 2008 at 06:16 and is filed under Linux. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “RHEL5 RedHat/Fedora Linux Using netgroups with LDAP (nss_ldap)”

Inna Says:
July 9th, 2008 at 05:43
http://www.fedoralinux.ru/ – russian site about fedora linux.

Sysadmin Ramblings

Categories

Kewl Stuff

Linux

Mine

NPR

RHEL5 RedHat/Fedora Linux Using netgroups with LDAP (nss_ldap)

One Response to “RHEL5 RedHat/Fedora Linux Using netgroups with LDAP (nss_ldap)”

Leave a Reply