TJ Saunders wrote:

Hi TJ,

> What is the numeric ID of that group being returned by LDAP? What does
> 'ls -n' (for showing ownership in IDs, not names) for that directory show?


drwxrwxr-x 2 0 3100 1024 Nov 6 22:32 samba

-> group ID 3100, in LDAP:

cn=samba,ou=Group,dc=netlabs,dc=org

attribute gidNumer: 3100

So that mapping makes sense

> Remember that ls, by default, uses /etc/passwd for resolving user and
> group IDs to names. So just because ls shows the same group _name_
> doesn't mean that LDAP and /etc/passwd are using the same group _ID_. And
> permissions, checked by the filesystem, are determined by IDs, not names.


yes I agree on that but there is no such group in /etc/group, also the
user I'm logging in does not have an entry in /etc/passwd so it is an
LDAP user only. Also, the server itself is not connected to LDAP, I just
need LDAP for services like proftpd or apache, not for the box itself.

I'm not sure if I need to add filter options in the LDAP config section
to get the mapping to work properly, the documentation didn't help too
much on that so far.

cu

Adrian


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?p...rge&CID=DEVDEV
_______________________________________________
ProFTPD Users List
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html