-   Linux - Newbie (
-   -   Adding users to multiple groups in Openldap (

skimeer 09-03-2012 01:37 AM

Adding users to multiple groups in Openldap

I need to modify user properties to add them in multiple groups. I have modified GID of user to make it the member of particular group. Not sure if this fine but its working for me.

But want to know that how to add one user in multiple groups.

This is my ldif file,

dn: uid=testoprldap,dc=test,dc=com
uid: testoprldap
cn: testoprldap
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: organizationRole
objectClass: UserMail
userPassword: {crypt}$1$OaJH.Q.E$oGqx0aMeL9Z1NE1w7kmM//
shadowLastChange: 15581
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 10115
gidNumber: 10001
role: ldap-operator
homeDirectory: /home/testoprldap

btmiller 09-03-2012 02:36 AM

What you need to do to put a user in multiple groups is to modify the LDAP entries of the secondary grouo(s) and add a memberUid field with the user's name. This is morally the same as adding the user to the group by editing the entry in /etc/groups on a non-LDAP system.

In short, you caan only change the primary GID by editing the user's DN. To modify the secondary group entries, you need to modify the DNs of the affected group(s).

All times are GMT -5. The time now is 10:11 AM.