As I mentioned, memberOf is a operational attribute type, syntax is 'distinguishedName'. Are there any modifiable operational attributetypes in your sql database at all? Is rootDN able to write and modify attribute types?
-Dieter
Am Thu, 9 Aug 2018 12:22:55 +0200 schrieb Arianna Milazzo arianna@ariannamicrochip.it:
I have a "member" table defined as: id (= id record) - gid (= group id) - pers_id (= person id)
the others table involved are "groups" table (gid - name - cn - dn) and persons (id - name - surname - .....) [where id is same of keyval in ldap_entries]
2018-08-08 19:20 GMT+02:00 Dieter Klünter dieter@dkluenter.de:
Am Wed, 8 Aug 2018 15:19:23 +0200 schrieb Arianna Milazzo arianna@ariannamicrochip.it:
Ok, I understand that it isn't supported, but at the moment I can't try other solutions. And since that aside from that filter, the rest works, I don't want to give up like that.
Infact if I look for the following values (then on the groups) Search base: cn=groupname,ou=group,dc=pigreco,dc=it Filter: (member=cn=Name Surname,ou=people,dc=pigreco,dc=it) I get if Name Surname is part of the groupname group
If I search Search base: dc=pigreco,dc=it Filter: (member=cn=Name Surname,ou=people,dc=pigreco,dc=it) I get the list of which groups Name Surname belongs
*But with this (then on the people)* Search base: dc=pigreco,dc=it Filter: (memberOf=cn=groupname,ou=group,dc=pigreco,dc=it)
*I have no result and in the log I read:get_ava: illegal value for attributeType memberof*
please note that memberOf attributetype is defined as:
( 1.2.840.113556.1.2.102 " "NAME 'memberOf' " "DESC 'Group that the entry belongs to' " "SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' " "EQUALITY distinguishedNameMatch " "USAGE dSAOperation " "NO-USER-MODIFICATION " ) do you have defined any table for this sort of operational attributes.
-Dieter
-- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E