I have a Linux client (CentOS 4, a RHEL clone) using OD and Kerberos for authentication.
The Linux client has the home folders mounted via NFS from the Mac OS Server. Mac OS X Server version is 10.3.9 by the way. Everything works perfectly, allowing me to log in passwordlessly (is that a word?) to the Linux machine from a Mac OS X client after getting a TGT. When setting up nss on the Linux machine I did set groups to be pulled from LDAP. What I did notice was that if I run "ls -al" on my home folder while logged into the Linux client, it doesn't seem to know anything about the staff group; instead it just lists it as GID only, which is 20. So I poked around OD directly using some LDAP tools to get a close look at what it contains. Only one group exists in OD, which is group admin with a GID 80. If I add another group called foo to OD, running "getent group" on the Linux client will show foo listed at the bottom of the list, which is what I would expect.
So the conclusion I've come to is that the bulk of the groups remain in NetInfo only and haven't been added or moved to the LDAP portion of OD. Has anyone seen/fought with this same thing, and if so what did you do about it? I tried to create a group called staff (gid 20) in Workgroup Manager but it complained that the group already exists, which is what put me on the NetInfo trail. My initial idea is to whack the groups in NI and recreate them in OD, which would make them available to Linux, but I'm not sure what the side effects might be to OD or the OS in general. (I'll probably have to set up a test machine to try that one on.) I'm open to any ideas/suggestions.
jerky
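
An added example, not part of the original post: a shell check for the symptom described above, listing the numeric GIDs that own files but have no entry in the group data the Linux client can resolve. The function names, sample group lines and the `/tmp/groups.txt` path are assumptions made for illustration; `gids_in_tree` relies on GNU find.

```shell
#!/bin/sh
# Added example: find GIDs that "ls -al" would show as bare numbers.

# Print each distinct numeric GID owning something under DIR (GNU find).
gids_in_tree() {
    find "$1" -xdev -printf '%G\n' | sort -un
}

# unresolved_gids GROUP_DB GID...
# GROUP_DB holds "getent group" style lines (name:passwd:gid:members).
# Prints the GIDs that have no entry in GROUP_DB, one per line.
unresolved_gids() {
    db=$1
    shift
    [ $# -gt 0 ] || return 0
    printf '%s\n' "$@" | sort -un | while read -r gid; do
        # Compare against field 3 only, so GID 20 never matches 120 or 200.
        awk -F: -v g="$gid" '$3 == g { hit = 1 } END { exit !hit }' "$db" ||
            printf '%s\n' "$gid"
    done
}

# Constructed sample: group data a client might resolve when the LDAP
# directory holds only admin (GID 80) and a test group foo.
sample_db=$(mktemp)
cat > "$sample_db" <<'EOF'
root:x:0:root
admin:*:80:root
foo:*:1025:
EOF

# Constructed GIDs as they might appear on files in the NFS home folder.
unresolved_gids "$sample_db" 20 80 20
rm -f "$sample_db"

# Real use on the client (assumed paths):
#   getent group > /tmp/groups.txt
#   unresolved_gids /tmp/groups.txt $(gids_in_tree "$HOME")
```

Every GID this prints is a group that would have to exist in the LDAP portion of the directory, or in the client's local `/etc/group`, before the client can show its name.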