RE: help with groups?

["Ron Wahler" <ron@rovingplanet.com>]

I want to do a ldapsearch for groups that have a specific user.
How can I do it ?


ldapsearch -LLL -x -h 10.0.0.94 -p 389  -D "cn=Manager,dc=fido,dc=com"
-w secret  -b "dc=fido,dc=com"
"(objectClass=groupOfNames)(member=bob*)"


-----Original Message-----
From: Tony Earnshaw [mailto:tonni@billy.demon.nl] 
Sent: Wednesday, May 07, 2003 3:34 PM
To: Ron Wahler
Cc: pll+ldap@lanminds.com; openldap-software@OpenLDAP.org
Subject: RE: help with groups?

På on , 07/05/2003 klokka 16:21, skreiv Ron Wahler:

> How do you create the initial top level directory structure for
> GroupOfNames

The "initial top-level directory structure" was a single-value DN,
domain name, defining the root of every directory in the world. Now it's
mostly C, a country, or DC, a domain component.

The unit into which a groupOfNames is placed, is always a DN - doesn't
matter how short or long.

So, the DN dn="cn=group,ou=department,dc=organization,dc=com" could have
a structure with just two objectClasses - top and groupOfNames and a
multi-value attribute: member.

It's so much easier when you use a GUI to make it, play around with it
and let you know clearly each time you make a mistake.

> or can you just add it after you setup the root and sub-directories?

The whole thing is plastic to the nth degree. You can add to it, pull it
around, squeeze it together - do what you want, even when you thought it
was finished. That's why I call LDAP a magic box. Things like an SQL
database are dull straight jackets in comparison.

Get GQ 0.7.0b2 and use it, see for yourself :-)

Best,

Tony

-- 
Tony Earnshaw

Do not come to visit me with both arms the same length.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl

Tony Earnshaw