--On Monday, August 30, 2021 8:26 PM +0200 Saša-Stjepan Bakša
<ssbaksa(a)gmail.com> wrote:
--On Monday, August 30, 2021 11:14 AM +0200 Saša-Stjepan Bakša
<ssbaksa(a)gmail.com> wrote:
> I have similar situation and also a replicated environment. I am using
> posixGroup only and never had any need for a memberOf attribute.
> But now, my devs have a software which insists on that attribute so I
> should provide it for them.
posixGroup is not a valid objectClass to use with providing memberOf
information.
--Quanah
Ouch! I have 51 different posixGroup groups which have been in use for
more than 10 years and now because of one
piece of software I must change the way I manage them all. Not happy at
all.
What is your suggestion Quanah? Can I just add an object? It would be a
problem if I must change all services.
Or maybe just add a few new groups of different types for that software.
That will be great if it is appropriate.
@Dave Macias Can you share the structure of your groups?
member/memberOf depend on LDAP groups, not unix groups, which are based on
DNs.
Example groups objectClasses are:
groupOfNames (core schema)
groupOfUniqueNames (core schema)
groupOfMembers (rfc2307bis schema)
Of these three, I would recommend either groupOfNames or groupOfMembers
Regards,
Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<
http://www.symas.com>