I'm attempting to add some of our LDAP users to a locally defined group on our RHEL server, however I get an error stating that the LDAP user is not found in /etc/passwd.
What would be the best way to allow LDAP users to be added to local groups?
My feeling is that this must be done manually. I could edit: /etc/group
and add the LDAP group to the list. Would that be ideal?
[server]# id apache
uid=409(apache) gid=409(apache) groups=409(apache) context=user_u:system_r:unconfined_t:s0
[server]# id john.doe
uid=11389(john.doe) gid=6097(ABC_Corporate_US) groups=6097(ABC_Corporate_US) context=user_u:system_r:unconfined_t:s0
[server]# /usr/sbin/usermod -a -G apache john.doe
usermod: john.doe not found in /etc/passwd
OS: RHEL (Red Hat Enterprise Linux Server release 5.3 (Tikanga)) Note: Updating the OS on this machine is not an option.
Your version of usermod doesn't support LDAP. This was fixed in newer versions of RHEL:
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.5_Technical_Notes/shadow-utils.html
I discovered that this can be achieved using the
gpasswd
command.