OpenLDAP 2.1 and alias/referral


I am trying to create some alias objects in my LDAP server, but whenever I do so, I get errors.

For example, if I try to insert the following record:

dn: uid=myuser,ou=branchB,o=myorg
objectClass: alias
aliasedObjectName: uid=myuser,ou=branchA,o=myorg

I get an error telling me that the uid attribute is missing. If I add the uid attribute to the LDIF, I get an error telling me that the uid attribute is not allowed.

I also tried to insert referrals instead of aliases, but I get the same results.

Can anyone tell me what is going wrong? Are alias objects supported in OpenLDAP 2.1.x?

Maybe I am taking the wrong approach. I tried to use aliases because I want to be able to give different permissions to the same person, based on different contexts (e.g. I want to allow user 1 to log in to hosts A and C, but not to B, D and E).

I thought of having a branch for each host, and inserting aliases into this branch for the people allowed to access that host (the host would look up users on its branch).

Is this the preferred way, or is there a better way of doing this?