On Mittwoch, 28. November 2007, Andrew Bartlett wrote: [..]
Looking at the configuration, it seems this can only currently be configured once - ie, for memberOf. Am I missing how to configure it to also handle an arbitrary number of other attributes? Ideally I would process the AD schema into a configuration file with these details.
I think you can just create multiple instances of the "memberof" Overlay. Like this:
overlay memberof memberof-group-oc group memberof-member-ad member memberof-memberof-ad memberof overlay memberof memberof-group-oc another-oc memberof-member-ad another-member memberof-memberof-ad another-memberof
To start with this module I've decided to just deal with memberOf. However, I can't get the module to start, because while it allows configuration of different schema in theory, it relies on the default schema to exist in practice:
[abartlet@naomi source]$ /usr/local/sbin/slaptest -f /home/data/samba/samba4/clean/source/st/dc/private/ldap/slapd.conf back-bdb/back-hdb monitor: "olmBDBAttributes" previously defined "1.3.6.1.4.1.4203.666.1.55.0.1.1" back-bdb/back-hdb monitor: "olmBDBObjectClasses" previously defined "1.3.6.1.4.1.4203.666.3.16.0.1.1" memberof_db_init: unable to find objectClass="groupOfNames" slaptest: bad configuration file!
The problem is that groupOfNames doesn't exist in the AD-like schema I'm loading. This is with current CVS OpenLDAP.
Yeah, the memberof-Overlay needed the "groupOfNames" objectclass and the "member" Attributetype to initialize correctly. I just committed a change to HEAD to change that. This should fix your problem. Please test.