directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "CORUM, M E [AG/1000]" <m.e.co...@monsanto.com>
Subject RE: memberOf attribute
Date Mon, 08 Mar 2010 15:01:12 GMT
In Active Directory, the "memberOf" attribute is a "calculated" attribute.  If you use a global
catalog, you would need to actually set it up to populate there.  I don't know if ApacheDS
has calculated attributes or not.  To simulate AD, I've added the memberOf to the appropriate
object class (can't remember off the top of my head but could look it up if needed) and I
manually populate it for testing.

Mike

-----Original Message-----
From: Martin Schuster (IFKL IT OS DSM CD) [mailto:Martin.Schuster1@infineon.com] 
Sent: Monday, March 08, 2010 8:51 AM
To: linus@vangeuns.name
Cc: users@directory.apache.org
Subject: Re: memberOf attribute

Linus van Geuns wrote:
> [...]
> I guess, your web app was designed for M$ Active Directory, as it
> stores group memberships in the groups object AND in the users object
> using 'memberOf' attribute.
> 
> Standard LDAP only stores group membership in the group objects.
> [...]
I'm working with a SunDS (modified Novell LDAP server afaik), and it
also has this feature, i.e. if you have a group

dn: cn=goodguys,dc=example,dc=com
uniqueMember: uid=superman,ou=people,dc=example,dc=com

then the entry for this user will automatically have a correct
"isMemberOf" attribute

dn: uid=superman,ou=people,dc=example,dc=com
isMemberOf: cn=goodguys,dc=example,dc=com

If ApacheDS doesn't have this feature, it would be nice to have :)

br,
-- 
Infineon Technologies IT-Services GmbH   Martin.Schuster1@infineon.com
Lakeside B05, 9020 Klagenfurt, Austria   Martin Schuster
         FB: LG Klagenfurt, FN 246787y   +43 5 1777 3517


---------------------------------------------------------------------------------------------------------
This e-mail message may contain privileged and/or confidential information, and is intended
to be received only by persons entitled to receive such information. If you have received
this e-mail in error, please notify the sender immediately. Please delete it and all attachments
from any servers, hard drives or any other media. Other use of this e-mail by you is strictly
prohibited.


All e-mails and attachments sent and received are subject to monitoring, reading and archival
by Monsanto, including its subsidiaries. The recipient of this e-mail is solely responsible
for checking for the presence of "Viruses" or other "Malware". Monsanto, along with its subsidiaries,
accepts no liability for any damage caused by any such code transmitted by or accompanying
this e-mail or any attachment.
---------------------------------------------------------------------------------------------------------


Mime
View raw message