
Re: OpenLDAP 2.4.16: can not add multiple 'member' attributes to object groupOfNames



"O. Hartmann" <ohartman@zedat.fu-berlin.de> writes:

> Michael Ströder wrote:
>> O. Hartmann wrote:
[...]
> Yes, indeed, I tried 'dummy' values and then it worked. Well, why is
> "member: port=5432" syntactically invalid? I follow the guideline in
> the PostgreSQL 8.4 handbook for LDAP authentication (found here:
> http://www.postgresql.org/docs/8.4/interactive/libpq-ldap.html) and
> since objectclass:groupOfUniqueNames is supposed to be bogus in
> OpenLDAP 2.4 I tried changing it. Strange.

The member attribute description requires distinguishedName syntax and
port=5432 is not a DN.
objectclass groupOfUniqueNames is not bogus but it only makes sense if
you provide uniqueness, see RFC 4517, 3.3.21.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°08'09,95"N
10°08'02,42"E