1748264 Members
4121 Online
108760 Solutions
New Discussion юеВ

groupadd not unique

 
jackie baron_1
Regular Advisor

groupadd not unique

I want to add several users and several groups to a HPUX 11.31 box. When I type groupadd -g GID <name>, I'm told GID is not unique....even thoug it doesn't exist in the /etc/group file. I read in the man pages about NIS but I don't think we are using NIS....well we are using LDAP, but can I still add these groups locally that may not be unique?

5 REPLIES 5
Dennis Handly
Acclaimed Contributor

Re: groupadd not unique

>we are using LDAP, but can I still add these groups locally that may not be unique?

 

Are the names different for the same IDs?  You don't want to do that.

If they are the same, you should leave out the local copy.

Of course you can just use vi on /etc/group.

Paul Wasik
Frequent Advisor

Re: groupadd not unique

check your /etc/nsswitch.conf file. that will tell you how the OS is searching for UIDs and GIDs. it should be something like this (we use vintela servers as the LDAP "product"). in this case, the OS looks to the files for UID, GID affiliation  first before looking to LDAP (vas)

 

passwd: files vas3

group: files vas3

hosts: files [NOTFOUND=continue] dns

 

you may find that  ldap is searched first. files should be first so that local accounts are found locally without getting confused by similar UID/GID in LDAP. 

also, check for the existence of the UID/GID in LDAP.... list the users/groups in ldap (not sure how, but vintela has a tool, vastool).  maybe you can find what you are confilcting with.

jackie baron_1
Regular Advisor

Re: groupadd not unique

Thanks guys....I think I can disable LDAP in order to add them locally. Now how does one do that?

James R. Ferguson
Acclaimed Contributor

Re: groupadd not unique


@jackie baron_1 wrote:

Thanks guys....I think I can disable LDAP in order to add them locally. Now how does one do that?


Hi:

 

You sould see the key 'ldap' in your '/etc/nsswitch.conf' file.  Delete it to disable its use.  Look at the manpages for 'nsswitch.conf(4)' for more information.

 

Regards!

 

...JRF...

VK2COT
Honored Contributor

Re: groupadd not unique

Hello,

 

Firstly, you can pass the command-line option to groupadd(1M):

 

-o        Allow the gid to be non-unique (that is, a duplicate)

 

And because groupadd(1M) only adds the group definition into /etc/group file,

there is never a danger to mess with NIS or LDAP... That is the proper weay for you

to use this command.

 

Secondly, if you really want to remove LDAP entry from the setup,

just edit /etc/nsswitch.conf. Look for line:

 

group: files ldap ...

 

Cheers,

 

VK2COT

VK2COT - Dusan Baljevic