[Date Prev][Date Next]
Re: > posixGroup & memberOf
Yes i mean nested groups, ...and IT WORK !
just because of 'member'-attribute, - just add it to
'posixGroup'-objectclass ,and you can add
members like this:
dn: cn=Domain Admin,ou=Groups,dc=my,dc=org
cn: Domain Admin
displayName: Domain Admin
where IT is another posixGroup,
As result - members of IT-group becomes to 'Domain Admins'
I told you - it must works, you try, i'm already tested with Samba acl
shares (and my Samba looking for Ldap)
(..sorry for my english
----- Original Message -----
From: "Michael StrÃder" <email@example.com>
Sent: Monday, January 21, 2008 9:48 PM
Subject: Re: > posixGroup & memberOf
HOW to make posixGroup a memberOf another posixGroup?? ...
You mean nested groups?
Deploying posixGroup is the very same concept like Unix groups in
/etc/group. And there is no such concept like nested groups there.
objectclass ( 126.96.36.199.188.8.131.52 NAME 'posixGroup'
DESC 'Abstraction of a group of accounts'
SUP top STRUCTURAL
MUST ( cn $ gidNumber )
MAY ( userPassword $ memberUid $ member $ description ) )
and where is "memberOf" ??
The attribute 'memberUid' contains the numeric Unix UID of all member
users of a 'posixGroup'. But where do you have this declaration with
attribute 'member' from? Normally it's not declared with attribute
memberOf is a completely different thing. It's a dynamically generated
back-link from the user's entry to all the group entries a user is a
member of. It cannot be used in conjunction with 'posixGroup' though.
See also man-page slapo-memberof(5).