directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <elecha...@apache.org>
Subject Re: ldap user - groups mapping question
Date Mon, 23 Feb 2009 14:23:42 GMT
On Mon, Feb 23, 2009 at 3:00 PM, werner mueller
<werner.mueller@mimacom.ch> wrote:
> hallo
>
> a few days ago i started to setup apache ds (1.5.4) to have my own ldap
> server. mainly to be able to sync users across different tools.
>
> i had some trouble setting the server up. i started with the
> apacheds-geronimo plugin. But the configuration format is quite
> different.

AFAIR, Geronimo is using 1.0.2.

I've also tried the windows installers but the server did not
> want to start ("path not found"). So setup was a bit messy.

Hmmm... Curious. if you have a trace, may be we can help.

> Currently i am using the .tar.gz distribution on debian etch 4.0 with
> sun jdk 1.6.
>
> I've successfully created a new partition and a users and groups
> organizationUnit. I was able to assign users into groups using
> uniqueMember on a group (objectClass: groupOfUniqueNames)
>
> I am now trying to assign users into groups using the uniqueMember
> attribute on (inetOrgPerson). When i try to create a new user with
> apache ds studio i get the following error message (full error message
> below):
>
> Entry [...] contains more than one STRUCTURAL ObjectClass:
> [<groupOfUniqueNames>, <inetOrgPerson>]]

LDAP does not accept two structural ObjectClasses in an entry, unless
there is a hierarchical dependence between them. In you case,
groupOfUniqueNames inherits from Top, and inetOrgperson inherit from
Person. There is no overlap, and it's not allowed.

Sadly, Apache DS 1.0.2 wasn't able to check those inconsistencies,
hence the screenshot you can find on Liferay site.

Just remove the ObjectClass you don't need, and you'll be ok.

-- 
Regards,
Cordialement,
Emmanuel L├ęcharny
www.iktek.com

Mime
View raw message