[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Limiting Search Results By Group Membership

To: Douglas Duckworth <dod2014@med.cornell.edu>, openldap-technical@openldap.org
Subject: Re: Limiting Search Results By Group Membership
From: Quanah Gibson-Mount <quanah@symas.com>
Date: Wed, 19 Jul 2017 15:25:47 -0700
Content-disposition: inline
In-reply-to: <WM!163dbcda7bae57b93bc558eacd1912466c3d475ec085384917c320484c6357c5733c01eaefd313d32938f3f84a91aa98!@mailstronghold-3.zmailcloud.com>
References: <CAAKHBK=9xo4Z0bp8Nu0n3htXnV9dRWvFd_SSK1gkHzu_Pny5rg@mail.gmail.com> <WM!163dbcda7bae57b93bc558eacd1912466c3d475ec085384917c320484c6357c5733c01ea efd313d32938f3f84a91aa98!@mailstronghold-3.zmailcloud.com>

--On Tuesday, July 18, 2017 4:32 PM -0400 Douglas Duckworth<dod2014@med.cornell.edu> wrote:

# admins, group, ldap.server
dn: cn=admins,dc=blah
objectClass: posixGroup
objectClass: top
cn: admins
memberUid: admin1
memberUid: admin2

Do you have any insight into what could be causing this behavior?  I
have not found the answer yet through extensive searching of the
internets.


Hi Douglas,

The answer lies in the slapd.conf(5) man page, in the description of the"limits" directive, specifically in this portion:


"sets the limits for any DN listed in the values of  the  at  attribute"

memberUID does not contain a DN, therefore it cannot be used. Hope thathelps!


Regards,
Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

References:
- Limiting Search Results By Group Membership
  - From: Douglas Duckworth <dod2014@med.cornell.edu>

Prev by Date: Re: OpenLDAP server sizing
Next by Date: Re: Configuring OpenLDAP with a custom schema instead of default schemas
Index(es):
- Chronological
- Thread