[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: memberuid value should be DN or RDN or both woks
On Tue, Apr 19 2016 at 15:25:53 +0000, scn_73@yahoo.com scribbled
in "memberuid value should be DN or RDN or both woks":
> All,
>
> Openldap is complaining invalid dn. I doubt, it's for group members
> those memberuid don't have have DN and added as RDN. Like to know
> does memberuid should be DN or RDN works too.
The contents of a "memberUid" attribute in a "posixGroup" should only
match the "uid" attribute of a directory entry that is of objectClass
"posixAccount".
Whether that is also used as the entries RDN depends on how you've
modelled your directory, but it could be. It won't be a fully
qualified DN though.
> slapd[4892]: conn=1629448 op=2180 do_search: invalid dn (member1)
> slapd[4892]: conn=1629448 op=2181 do_search: invalid dn (memver2)
> slapd[4892]: conn=1629448 op=2182 do_search: invalid dn (member2)
>
> objectClass: posixGroup
> objectClass: top
> cn: g1
> gidNumber: xxxx
> memberUid: member1
> memberUid: member2
> memberUid: member3
> - Sachin
I'm not entirely sure what might have caused the "invalid dn"
response, but it might help if you also included example entries for
the members in question.
Cheers.
Dameon.
--
><> ><> ><> ><> ><> ><> ooOoo <>< <>< <>< <>< <>< <><
Dr. Dameon Wagner, Systems Development and Support
IT Services, University of Oxford
><> ><> ><> ><> ><> ><> ooOoo <>< <>< <>< <>< <>< <><