This now works!

Thanks so much for teaching me more about LDAP.

Best
Doug

Thanks,

Douglas Duckworth, MSc, LFCS
HPC System Administrator
Scientific Computing Unit
Physiology and Biophysics
Weill Cornell Medicine
E: doug@med.cornell.edu
O: 212-746-6305
F: 212-746-8690

On Mon, Jul 24, 2017 at 10:55 AM, Douglas Duckworth <dod2014@med.cornell.edu> wrote:
Thank you both for your guidance.

I will try this now.

Doug

Thanks,

Douglas Duckworth, MSc, LFCS
HPC System Administrator
Scientific Computing Unit
Physiology and Biophysics
Weill Cornell Medicine

On Mon, Jul 24, 2017 at 10:31 AM, Michael Ströder <michael@stroeder.com> wrote:
Douglas Duckworth wrote:
> If OpenLDAP can run with this schema then why wasn't support for this feature created?

There is a contrib/ overlay but I'd not use it.

> What's the recommend schema?

Simply start with groupOfNames.

Ciao, Michael.

> On Jul 21, 2017 1:44 PM, "Quanah Gibson-Mount" <quanah@symas.com
> <mailto:quanah@symas.com>> wrote:
>
>     --On Friday, July 21, 2017 2:24 PM -0400 Douglas Duckworth
>     <dod2014@med.cornell.edu <mailto:dod2014@med.cornell.edu>> wrote:
>
>
>     > Am I rfc2307 or rfc2307bis?  According to sssd-ldap man page:
>
>     Per nis.schema:
>
>     # Definitions from RFC2307 (Experimental)
>     #       An Approach for Using LDAP as a Network Information Service
>
>
>     so it is RFC2307 as opposed to RFC2307bis.  Neither schema has ever made it
>     past experimental.
>
>     --Quanah