[Date Prev][Date Next]
Re: OpenLDAP configuration for ldap-group authentication on Apache2.x
On Tuesday, 1 June 2010 17:04:59 Loren Cahlander wrote:
> And need to have groups being both posixGroup and groupOfUniqueNames.
I would rather use groupOfNames/member than groupOfUniqueNames/uniqueMember
> Far below is my configuration. If I try loading a group with with following:
> > dn: cn=my-dba,ou=Groups,dc=exist-db, dc=org
> > gidNumber: 9999
> > objectClass: posixGroup
> > objectClass: groupOfUniqueNames
> > uniqueMember: uid=lcahlander,ou=Users,dc=exist-db,dc=org
> > cn: my-dba
> I get the following error:
> > ldap_add: Object class violation (65)
> > additional info: invalid structural object class chain
> > (posixGroup/groupOfUniqueNames)
> Does anyone have a suggestion for how to deal with this error?
1)Switch to rfc2307bis instead of rfc2307 (nis.schema)
This may require a bit of work for your ldap clients.
2)Add objectclass extensibleObject, and maintain both member and memberUid