HOWTO: Get USB with OpenLDAP + DBUS working

[lfa-tux]

In the following I will assume, that you have already installed USB and got it working with a local useraccount. Also check the wiki: http://gentoo-wiki.com/HOWTO_Adding_a_Samba_Server_into_an_existing_AD_Domain

The main goal of this thread is to get USB-Flashdrives working with an Active-Directory authentification via openldap. I don't know were exactly the problem is located, but I suppose dbus plays the crucial part in it. What happens is that if you manage the groups via the /etc/security/group.conf file, dbus won't recognise these groups.

This could be a group.conf entry:

*;*;*;Al0000-2400;floppy,audio,cdrom,video,usb,plugdev,users,disk,wheel

As you see, the plugdev-group is also provided by this file, therefore dbus supposes, that the remotely authenticated user isn't a member of this.

A solution for this problem that works for me is the following:

- Create a group in the Active Directory and add all users that should be member of the plugdev-group.
- Insert the following lines in the /etc/dbus-1/system.d/hal.conf on each client, in which GROUPNAME stands for the group you created in the AD: