[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: translucent overlay add an attribute to all users in a OU and subtree
Am Wed, 22 Oct 2014 18:41:41 +0200
schrieb Nicolas RENAULT <nicolas_renault@yahoo.fr>:
> Le 21/10/2014 17:42, Dieter Klünter a écrit :
> > Am Tue, 21 Oct 2014 14:35:14 +0200
> > schrieb Nicolas RENAULT <nicolas_renault@yahoo.fr>:
> >
> >> Le 21/10/2014 09:23, Michael Ströder a écrit :
> >>> Dieter Klünter wrote:
> >>>> collectiveAttrbibuteSubentry is declared in schema_prep.c. When I
> >>>> tested collective attributes, a few years ago, slapd had to be
> >>>> build with -DLDAP_COLLECTIVE_ATTRIBUTES. I don't know whether
> >>>> this is still the case.
> >>> I've tested this yesterday and I had to build with
> >>> -DLDAP_COLLECTIVE_ATTRIBUTES to make
> >>> 'collectiveAttrbibuteSubentry' appear in the subschema subentry.
> >>>
> >>> Ciao, Michael.
> >>>
> >> thanks for reply
> >>
> >> so now the noob question : how do I build with
> >> -DLDAP_COLLECTIVE_ATTRIBUTES ?
> >> with our clue I try to restart the process with :
> >>
> >> configure :
> >>
> >> ./configure --enable-syslog --enable-modules --enable-rewrite
> >> --enable-ldap --enable-meta --enable-collect --enable-dyngroup
> >> --enable-memberof --enable-proxycache --enable-rwm --enable-sssvlv
> >> --enable-valsort -DLDAP_COLLECTIVE_ATTRIBUTES
> >>
> >> result :
> >> configure: error: unrecognized option:
> >> `-DLDAP_COLLECTIVE_ATTRIBUTES'
> >>
> >> so I look on "configure --help" and "less INSTALL" , try to google
> >> DLDAP_COLLECTIVE_ATTRIBUTES and at last try a grep on the directory
> >> openldap-2.4.40/ but cannot find ref on how to build openldap with
> >> DLDAP_COLLECTIVE_ATTRIBUTES ..
> >>
> >> finally and for archives :
> >>
> >> ./configure --enable-syslog --enable-modules --enable-rewrite
> >> --enable-ldap --enable-meta --enable-collect --enable-dyngroup
> >> --enable-memberof --enable-proxycache --enable-rwm --enable-sssvlv
> >> --enable-valsort CFLAGS="-DLDAP_COLLECTIVE_ATTRIBUTES"
> >>
> >> after that , make depend, make , make install
> >>
> >> Works ! that is the good process ?
> >>
> >> now i can add the ldif with the example the you give me without
> >> errors.
> >>
> >> but it doesn't appli collectives attributes :
> >>
> >> I have create this to test overlay collect :
> >>
> >> ## dcObject is an AUXILIARY objectclass and MUST
> >> ## have a STRUCTURAL objectclass (organization in this case)
> >>
> >> dn: dc=example,dc=fr
> >> dc: example
> >> o: example proxy LDAP Server
> >> description: Root entry for example proxy LDAP server
> >> objectClass: top
> >> objectclass: dcObject
> >> objectclass: organization
> >>
> >> ## FIRST Level hierarchy
> >>
> >> dn: ou=TOUT,dc=example,dc=fr
> >> ou: TOUT
> >> description: OU pour contenir tout les annuaires
> >> objectClass: top
> >> objectClass: organizationalUnit
> >>
> >> ## FIRST Level hierarchy - Manager
> >>
> >> dn: cn=Manager,dc=example,dc=fr
> >> cn: Manager
> >> description: Rootdn
> >> objectclass: organizationalRole
> >>
> >> after that I add this (from example provide in reply) :
> >>
> >> dn: cn=office,dc=example,dc=fr
> >> objectClass: subentry
> >> objectClass: extensibleObject
> >> objectClass: collectiveAttributeSubentry
> >> cn: office
> >> subtreeSpecification: {base "ou=TOUT" minimum 2}
> >> c-l: Berlin
> >> c-street: Main Street
> >>
> >> and
> >>
> >> dn: cn=user_test,ou=TOUT,dc=example,dc=fr
> >> sn: test
> >> cn: user_test
> >> objectClass: user
> >> objectClass: organizationalPerson
> >> objectClass: person
> >> objectClass: top
> >>
> >> and in slapd.conf just for tests :
> >>
> >> include /etc/openldap/schema/collective.schema
> >> .......
> >> database bdb
> >> suffix "dc=example,dc=fr"
> >> rootdn "cn=Manager,dc=example,dc=fr"
> >> rootpw "xxxxx"
> >> directory /usr/local/var/openldap-base
> >> limits * size=1000
> >> overlay collect
> >> collectinfo cn=office,dc=example,dc=fr l,street
> > attributes should be c-l,c-street
> ok so now the line is
>
> collectinfo cn=office,dc=example,dc=fr c-l,c-street
>
>
> >> with that , when I do an ldap search :
> >>
> >> ldapsearch -H ldap://localhost -x -D "cn=Manager,dc=example,dc=fr"
> >> -W -b "ou=TOUT,dc=example,dc=fr"
> >> "(&(objectClass=user)(cn=user_test))" # extended LDIF
> >> #
> >> # LDAPv3
> >> # base <ou=TOUT,dc=example,dc=fr> with scope subtree
> >> # filter: (&(objectClass=user)(cn=user_test))
> >> # requesting: ALL
> >> #
> >>
> >> # user_test, TOUT, example.fr
> >> dn: cn=user_test,ou=TOUT,dc=example,dc=fr
> >> sn: test
> >> cn: user_test
> >> objectClass: user
> >> objectClass: organizationalPerson
> >> objectClass: person
> >> objectClass: top
> >>
> >> # search result
> >> search: 2
> >> result: 0 Success
> >>
> >> # numResponses: 2
> >> # numEntries: 1
> >>
> >> no trace for the l and street attributes. any idea ?
> > The entries should be in cn=office,dc=example,dc=fr
> sorry but I don't understand :
>
> I create the object cn=office,dc=example,dc=fr
>
> dn: cn=office,dc=example,dc=fr
> objectClass: subentry
> objectClass: extensibleObject
> objectClass: collectiveAttributeSubentry
> cn: office
> subtreeSpecification: {base "ou=TOUT" minimum 2}
> c-l: Berlin
> c-street: Main Street
>
>
> with the subtreeSpecification to apply to "ou=TOUT" on
> dc=example,dc=fr.
>
> no ?
>
> I read the man
>
> "Collective attributes are added to entries returned by a search
> operation when the entry is within the scope of the related ancestor"
>
> I think that your reply refer to this part, but can you provide an
> working example or adapt my example to a working state ?
>
> Thanks for reply
>
dn: cn=office,dc=example,dc=fr
objectClass: subentry
objectClass: collectiveAttributeSubentry
subtreeSpecification: {base "ou=TOUT" minimum 0 maximum 2}
cn: office
c-l: Berlin
c-street: Main Street
dn:ou=TOUT,cn=office,dc=example,dc=fr
objectClass: organizationalUnit
ou: TOUT
dn: cn=user_test,ou=TOUT,cn=office,dc=example,dc=fr
sn: test
cn: user_test
objectClass: organizationalPerson
The attribute type subtreeSpecification my have an empty value.
-Dieter
--
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53°37'09,95"N
10°08'02,42"E