[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-devel
Subject:    Re: LDAP/Samba 4 summary
From:       Ralf Haferkamp <rhafer () suse ! de>
Date:       2007-11-28 11:20:29
Message-ID: 200711281220.29737.rhafer () suse ! de
[Download RAW message or body]

On Mittwoch, 28. November 2007, Andrew Bartlett wrote:
[..]
> > Looking at the configuration, it seems this can only currently be
> > configured once - ie, for memberOf.  Am I missing how to configure it to
> > also handle an arbitrary number of other attributes?  Ideally I would
> > process the AD schema into a configuration file with these details.
I think you can just create multiple instances of the "memberof" Overlay. Like 
this:

overlay memberof
memberof-group-oc group
memberof-member-ad member
memberof-memberof-ad memberof
overlay memberof
memberof-group-oc another-oc
memberof-member-ad another-member
memberof-memberof-ad another-memberof

> To start with this module I've decided to just deal with memberOf.
> However, I can't get the module to start, because while it allows
> configuration of different schema in theory, it relies on the default
> schema to exist in practice:
>
> [abartlet@naomi source]$ /usr/local/sbin/slaptest
> -f  /home/data/samba/samba4/clean/source/st/dc/private/ldap/slapd.conf
>  back-bdb/back-hdb monitor: "olmBDBAttributes" previously defined
> "1.3.6.1.4.1.4203.666.1.55.0.1.1"
>  back-bdb/back-hdb monitor: "olmBDBObjectClasses" previously defined
> "1.3.6.1.4.1.4203.666.3.16.0.1.1"
> memberof_db_init: unable to find objectClass="groupOfNames"
> slaptest: bad configuration file!
>
> The problem is that groupOfNames doesn't exist in the AD-like schema I'm
> loading.  This is with current CVS OpenLDAP.

Yeah, the memberof-Overlay needed the "groupOfNames" objectclass and 
the "member" Attributetype to initialize correctly. I just committed a change 
to HEAD to change that. This should fix your problem. Please test.

-- 
Ralf
[prev in list] [next in list] [prev in thread] [next in thread]