Add all LDAP users to a local group?

1

Is there a way to add every LDAP users to a local group on Debian ?

I have more than 1500 ldap users, and they need to be in local groups ('video', 'audio' and 'games') on some computers (Raspbian).

I'm using nslcd and nsswitch to enable ldap login, and pam_mount to mount my remote directories.
So I thought using nslcdp "map" option, but I think this option is not relevant here.
So I thought using the pam_group thing, but I don't understand which PAM service i should use...
Finally I tried a script with setuid, but setuid is not supported anymore for security reasons.

Hope you will have a hint for me...

Regards, Thomas

Azca

Posted 2019-02-06T18:22:10.620

Reputation: 11

Answers

0

I was not able to find a way to add a LDAP user to a local group, so I updated the access rights of the system files owned by the video group : In /etc/udev/rules.d/50video.rules :

KERNEL=="fb0",MODE="0666"
KERNEL=="vchiq",MODE="0666"
KERNEL=="vcio",MODE="0666"
KERNEL=="vcsm",MODE="0666"

Now my ldap users are allowed to use video chipset on the raspberry pi.

Azca

Posted 2019-02-06T18:22:10.620

Reputation: 11

Asked: 2019-02-06T18:22:10.620

Viewed: 181 times

Active: 2019-06-03T21:02:52.700