[Date Prev][Date Next]
Re: memberOf attribute: part of LDAP v3 standard ?
You could add objectClass groupOfNames (defined in core.schema) to your
inetOrgPerson definition to pick up the "member" attribute:
cn: Charlie Reitsma
It's up to you to keep it in sync with any groups defined in
ou=groups,dc=airius,dc=com if that is needed. If you want to list the groups
an individual is a member of without populating a member attribute then there
is an algorithm published in the appendix of "Draft Best Practices for
Directory Groups" found at http://middleware.internet2.edu/dir/groups/
Yves Robin wrote:
> 1) memberOf attribute is not part of the basic LDAP v3 schema,
> 2) but if memberOf attribute is in a LDAP server schema, then
> ldapsearching that server for entities with attribute list including
> memberOf is correct
> and should return associated value(s).
> Right ?
> -----Original Message-----
> From: Adam Williams [mailto:email@example.com]
> Sent: Tuesday, April 30, 2002 1:13 PM
> To: Yves Robin
> Cc: openldap-software@OpenLDAP.org
> Subject: Re: memberOf attribute: part of LDAP v3 standard ?
> >It seems that, depending on the LDAP server (openldap, Active Directory,
> >Netscape, ...), a ldapsearch query can (or not)return the memberOf
> >attribute, as part of the list of returned attributes.
> >Is this attribute part of LDAP v3 standard or not?
> Well sort of, if the attribute is defined in someones schema with a
> valid OID. But the behavior you describe I'm pretty certain isn't.
> >Do all the LDAP servers should support such computed-on-the-fly attribute?