[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: I want to use memberof overlay but I do not have a clue on how to even look at it.

To: openldap-technical@openldap.org
Subject: Re: I want to use memberof overlay but I do not have a clue on how to even look at it.
From: Dieter Klünter <dieter@dkluenter.de>
Date: Sat, 1 Aug 2015 09:08:36 +0200
In-reply-to: <55BB8D6C.3090009@ngtech.co.il>
Organization: AVCI
References: <55BB8D6C.3090009@ngtech.co.il>

Am Fri, 31 Jul 2015 17:59:56 +0300
schrieb Eliezer Croitoru <eliezer@ngtech.co.il>:

> I want to use memberof overlay but I do not have a clue on how to
> even look at it.
> I have tried to use this:
> http://www.schenkels.nl/2013/03/how-to-setup-openldap-with-memberof-overlay-ubuntu-12-04/
> 
> which kind of worked and it has added something to my database.
> Now I have tried to run some search but either I am doing something 
> wrong or the memberof is not loaded.
> 
> So first, how do check that it is loaded?
> I was thinking about :
> ldapsearch -x -H ldap:/// -b cn=module
> 
> but again I am unsure since it won't give results.
> I am trying to use memberof for squid to match a group membership.
> Any hints? directions to understand?
> 
> I understand the basics of LDAP but this is something above basic
> LDAP.

If slapo-memberOf(5) is configured correctly, create a groupOfNames
object and add some DN's as member attribute values. This will create
an operational attribute meberOf with the DN of the groupOfNames object.
If you use sqidd to authorize users, you may create a filter like
(&(uid={0})(memberOf=cn=someGroup,dc=example,dc=com))
in order to search for the DN to bind.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E

Next by Date: question on write transaction
Index(es):
- Chronological
- Thread