
(ITS#9173) Openldap configuration



Full_Name: Raju Biswas
Version: 2.4.44
OS: RHEL7.4
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (14.141.44.130)


My requirement is to add the posixGroup and groupOfNames object classes together.
To achieve this, I used the link
https://devopsideas.com/openldap-linux-client-ldap-integration/

I need help on this. If you need more info kindly mail me so that I can provide
more information.

I added the customposixGroup and then added the group as

dn: cn=server_dev,ou=graylog,ou=rgroup,dc=rad,dc=com
objectclass: customposixGroup
objectclass: groupOfNames
cn: server_dev
gidNumber: 7000
description: Server Dev Group
member: uid=aron.francis,ou=People,dc=rad,dc=com

User added as
dn: uid=aron.francis,ou=People,dc=rad,dc=com
cn: aron.francis
givenName: aron.francis
sn: user
uid: aron.francis
uidNumber: 7001
gidNumber: 7000
homeDirectory: /home/aron.francis
objectClass: top
objectClass: posixAccount
objectClass: shadowAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
loginShell: /bin/bash
userPassword: {SHA}Gf3pq4puDhvQ/KIgE7c1QQixnM4=
memberOf: cn=server_dev,ou=graylog,ou=rgroup,dc=rad,dc=com

Configured the sssd

uid=7001(aron.francis@rad.com) gid=7000 groups=7000

Help

I wanted help on why the group name is not getting displayed when I use the id
command from the LDAP client.
But if I use posixGroup alone and not the groupOfNames object class, then the group
name is displayed.
I need to use both posixGroup and groupOfNames.

[root@rad testing_dev]# ldapsearch -H ldaps:// -x -b "dc=rad,dc=com"
"uid=aron.francis" "member=uid=aron.francis,ou=People,dc=rad,dc=com"
# extended LDIF
#
# LDAPv3
# base <dc=rad,dc=com> with scope subtree
# filter: uid=aron.francis
# requesting: member=uid=aron.francis,ou=People,dc=rad,dc=com
#

# aron.francis, People, rad.com
dn: uid=aron.francis,ou=People,dc=rad,dc=com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
[root@radisys testing_dev]# ldapsearch -H ldaps:// -x -b "dc=rad,dc=com"
"member=uid=aron.francis,ou=People,dc=rad,dc=com"
# extended LDIF
#
# LDAPv3
# base <dc=rad,dc=com> with scope subtree
# filter: member=uid=aron.francis,ou=People,dc=rad,dc=com
# requesting: ALL
#

# server_dev, graylog, rgroup, rad.com
dn: cn=server_dev,ou=graylog,ou=rgroup,dc=rad,dc=com
objectClass: top
objectClass: aposixGroup
objectClass: groupOfNames
cn: server_dev
gidNumber: 7000
description: Server Dev Group
member: uid=aron.francis,ou=People,dc=rad,dc=com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
[root@rad testing_dev]#