AllowUser @group doesn't work with LDAP groups

Anonymous anonymous at easysw.com
Wed Aug 17 01:49:30 PDT 2005


> Anonymous wrote:
> > Hi All,
> >
> > I tried restricting a printer with the AllowUser @group entry in /etc/printers.conf and it doesn't appear to work.  The AllowUser userid works fine for LDAP users.  I am using the latter method as a workaround.  Can somebody else using LDAP please confirm this possible bug.
>
> Edit /etc/nsswitch.conf, add "ldap" to the "groups" line.
>
> If that doesn't work, let us know what operating system you are
> using...

Hi Michael,

Sorry about the slow reply.  My groups are definitely configured to use LDAP as well as local unix groups.  We are using SuSE Linux 9.1.  I had a similar problem a few months ago with the KDE kiosk tool - this may be a similar problem.  A newer version of KDE fixed the problem.  A possible explanation is below:

>Appearantly some aspects of getgrnam() don't work too well with LDAP >groups. I can only guess about the reasons for that, I suspect it is >due to a mismatch between the concept of /etc/groups and the way how >LDAP stores group information. You will need to find some libc/LDAP >expert to get a definitive answer on that.

Regards

Murray




More information about the cups-devel mailing list