Created attachment 556141 [details] Joerg Dorchain's patch to handle with a non-dn member The value of pam_member_attribute is always compared to a DN. If the value is for example memberUid (posixGroup), the comparison should be made with the username. I found this patch in Debian forum that allows the administrator to choose whether to make the comparison by DN or username. Ref.: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=341541 I think it would be interesting to incorporate this solution in nss_ldap on RHEL. Thank you for your attention Emerson Kfuri
At this stage in the lifetime of RHEL 5, I don't know that we're going to add new features to this package, but I'll clone it for the later release.
Development Management has reviewed and declined this request. You may appeal this decision by reopening this request.