[Date Prev][Date Next] [Chronological] [Thread] [Top]

gidNumber, uidNumber, memberUid semantic

Hello everybody,


Not very familiar with ldap schemas, I’m struggling with identifier of people and groups in an openldap directory. This question should not be specific to openldap but I does not found anything clear in RFCs.


My current understanding is:


-          uidNumber is a unique number amongst users (posixAccount??), thus each instance of objectclass posixAccount has a different uidNumber (which is generated by the directory I assume??),

-          gidNumber is the same thing as above but for PosixGroup instances.

-          posixAccount has also a gidNumber attribute but this is the gidNumber referencing primary group of this user.


I would like to browse the attributes of members of a posixGroup, and I suppose that it is contained in memberUid multi valued attribute.


So, my question is simple : if I’m not wrong until now, what attribute is contained in memberUid for referencing users and group ? It should be a attribute fro which unicity is preserved amongst posixAccount AND posixGroup ? If it is not (which is the case in gidNumber and uidNumber) how do you know if it is a group or a user you have to search for, and how can you retrieve the correct instance?


Thanks for your clues,