[Freeipa-devel] [PATCH] enable memberof plugin
Pete Rowley
prowley at redhat.com
Thu Oct 11 18:22:41 UTC 2007
Do the entries have the inetuser objectclass? That allows memberof.
Also only new additionsto groups will show up, you'll need to create a
DS task entry to get existing members to have their memberof attribute
populated (an example is at the top of memberof.c).
Rob Crittenden wrote:
> Pete Rowley wrote:
>> this time, with a patch attached :)
>>
>
> I applied this ldif to my server but memberof still returns nothing:
>
> ldapsearch -Y GSSAPI -b "dc=freeipa,dc=org"
> "memberOf=cn=admins,cn=groups,cn=accounts,dc=freeipa,dc=org" cn
> SASL/GSSAPI authentication started
> SASL username: rcrit at FREEIPA.ORG
> SASL SSF: 56
> SASL installing layers
> # extended LDIF
> #
> # LDAPv3
> # base <dc=freeipa,dc=org> with scope subtree
> # filter: memberOf=cn=admins,cn=groups,cn=accounts,dc=freeipa,dc=org
> # requesting: cn
> #
>
> # search result
> search: 4
> result: 0 Success
>
> # numResponses: 1
>
> There are members:
>
> ldapsearch -Y GSSAPI -b "dc=freeipa,dc=org" cn=admins uniqueMember
>
> # admins, groups, accounts, freeipa.org
> dn: cn=admins,cn=groups,cn=accounts,dc=freeipa,dc=org
> uniqueMember: uid=admin,cn=sysaccounts,cn=etc,dc=freeipa,dc=org
> uniqueMember: uid=rcrit,cn=users,cn=accounts,dc=freeipa,dc=org
> uniqueMember: uid=test1,cn=users,cn=accounts,dc=freeipa,dc=org
> uniqueMember: uid=test2,cn=users,cn=accounts,dc=freeipa,dc=org
--
Pete
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3241 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20071011/10cd57b2/attachment.bin>
More information about the Freeipa-devel
mailing list