OpenLDAP memberof plugin and Samba4

26 Dec 2007


      I've been working with current CVS OpenLDAP and the memberof plugin, for
Samba4 integration.
Following your suggestion, I'm trying to load multiple memberof
instances, but the syntax doesn't seem to work for me.  Attached is how
I'm currently configuring the overlay.   It causes this when loading:
overlay_config(): overlay "memberof" already in list
overlay_config(): overlay "memberof" already in list
...
It also only appears to work for the first entry (happily that is
member/memberof, and this seems to have worked).
Is the syntax I'm using correct, or does the module need to be reworked
for this operation?
Finally, I'm wondering if the error returns can be adjusted:
When I add invalid member to a group, OpenLDAP returns
LDAP_CONSTRAINT_VIOLATION <adding non-existing object as group member>,
but AD returns error 32, LDAP_NO_SUCH_OBJECT for this situation.  Would
it be reasonable to change this, or could it be made configurable.
Having the LDAP server give me the error the client expects would avoid
the need for a translation layer.  (it might be nobody ever looks at
this, but I don't like to make that assumption).
Thanks,
Andrew Bartlett
-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

OpenLDAP memberof plugin and Samba4