#165645 adduser: bad interaction with ldap

Package:
adduser
Source:
adduser
Submitter:
martin f krafft
Date:
2025-02-22 11:36:02 UTC
Severity:
wishlist
Tags:
#165645#5
Date:
2002-10-20 20:37:52 UTC
From:
To:
addgroup <user> <group> changes /etc/group, even though the whole
system uses LDAP. can this be extended?

#165645#10
Date:
2002-10-21 11:10:34 UTC
From:
To:
martin f krafft wrote:

Planned for Adduser 4. Unfortunately, I didn't find a lot time for
coding yet due to real life... :(

Anyway, you might want to have a look at
http://www.hbg-bremen.de/~roland/code/adduser.xhtml

#165645#15
Date:
2003-04-15 23:07:14 UTC
From:
To:
Just thought I'd add an addendum for this bug - I'm working on patches to
adduser which will add the necessary functionality to have all (or just
regular) users and groups in LDAP, handled correctly.  Hopefully they'll be
out and about in a few days (or less).

- Matt

#165645#18
Date:
2003-04-15 23:07:14 UTC
From:
To:
Just thought I'd add an addendum for this bug - I'm working on patches to
adduser which will add the necessary functionality to have all (or just
regular) users and groups in LDAP, handled correctly.  Hopefully they'll be
out and about in a few days (or less).

- Matt

#165645#23
Date:
2003-05-03 05:11:00 UTC
From:
To:
I've finally gotten around to finishing off the LDAP-enabled adduser stuff.
Be warned, it's pretty raw at the moment, which is why I'm not submitting a
patch to the BTS for inclusion in the official adduser.  I just don't think
it's ready for prime time yet.

Package can be retrieved from http://www.baileyroberts.com.au/~mpalmer.

There is one seriously wierd outstanding issue which I cannot for the life
of me figure out - the postinst appears to add the LDAP config thing twice.
I cannot for the life of me figure out why.  Suggestions appreciated.  Just
remove the duplicate LDAP config stuff from your config after installation.

- Matt

#165645#28
Date:
2003-05-29 18:20:36 UTC
From:
To:
Hey Matt,

finally I found some time to investigate your LDAP extension to adduser.
First of all, thanks a lot for your effort. I've just created a project
for adduser on alioth.debian.org, so that we can manage the source in a
Subversion repository there.

There a few things though that I think should be done differently. Those
are:

 - postinst dumps all of the ldap options into adduser.conf wheres most
   users won't need them. Thus, I think it'd be better to install it as
   an example and ship the default file without ldap options.

 - I like your approach to have different methods (file and ldap) in
   separate modules a lot. What do you think about having the more
   general options normal_backend and system_backend in adduser.conf
   (rather than use_ldap and use_ldap_system). Both of them could hold
   file or ldap for now, but other backends could also be implemented.
   This would more closely resemble the approach I outlined in
http://www.hbg-bremen.de/~roland/code/adduser.xhtml and make an
   upgrade to a next-generation adduser easier (if it should eventually
   happen).

 - When deleting users, you're currently assuming that a users RDN is
   uid and a groups RDN is cn. With manually or some other tool created
   users and groups this doesn't have to be the case though. We should
   probably use the DN received in the search result.

Anyway, I think that you did a great job. Would it be okay for you if we
could start merging (and possibly extending) your patch together once
the Subversion repository is set up?

Roland

#165645#33
Date:
2007-11-01 18:23:47 UTC
From:
To:
Hi,

What's the status of this feature request?

I'm at the Ubuntu Developer Summit in Boston at the moment, and there's much
discussion going on about a tool for managing LDAP users and groups. In an
ideal world, there'd be some consistency between Debian and Ubuntu on this,
and I know this isn't exactly a new feature request.

https://blueprints.edge.launchpad.net/ubuntu/+spec/identity-management

regards

Andrew

#165645#38
Date:
2007-11-01 19:04:18 UTC
From:
To:
This one time, at band camp, Andrew Pollock said:

I have a bunch of code, but I haven't uploaded it yet because I haven't
found the time to get it to the point where it's more than proof of
concept.  I suppose I can put it in a seperate branch in the svn repo
for people to start hacking on, though.

#165645#43
Date:
2025-02-22 11:33:33 UTC
From:
To:
Control: tags -1 wontfix
thanks

I am wontfixing this. The adduser maintainers have decided that we don't
have time to support directory services at all. See README.Debian for
more in-depth explanation.

Greetings
Marc

#165645#48
Date:
2025-02-22 11:33:33 UTC
From:
To:
Control: tags -1 wontfix
thanks

I am wontfixing this. The adduser maintainers have decided that we don't
have time to support directory services at all. See README.Debian for
more in-depth explanation.

Greetings
Marc