am stuck. Basically, I am looking for a
way to add the memberOf attribute to proxied user entries locally on my
new OpenLDAP server, without affecting the entries in the corporate
OpenLDAP server.
Any help that might point me in the right direction is highly appreciated.
Thanks,
Ingo
On 19.08.2013 15:09, Nick Milas wrote:
> On 19/8/2013 3:23 μμ, Ingo wrote:
>
>>>> To modify the cn=config DIT you'll have to modify the files under
>>>> >>/etc/ldap/slapd.d/cn=config where your config is stored.
>>> >
>>> >NO. do
On 19.08.2013 15:42, btb wrote:
> On 2013.08.19 08.23, Ingo wrote:
>> On 13.08.2013 19:02, btb wrote:
>>> On 2013.08.13 12.17, Quentin PETEL wrote:
>>>> Hi,
>>>>
>>>> To modify the cn=config DIT you'll have to modify the files under
&
On 13.08.2013 19:02, btb wrote:
> On 2013.08.13 12.17, Quentin PETEL wrote:
>> Hi,
>>
>> To modify the cn=config DIT you'll have to modify the files under
>> /etc/ldap/slapd.d/cn=config where your config is stored.
>
> NO. do NOT do this,
Why?
Ingo
sign
r posixGroups and
restrict its parents only to search?
olcAccess: to dn.sub=""
by anonymous search
break
olcAccess: to filter=
"(| (objectClass=posixAccount) (objectClass=posixGroup))"
by anonymous read
does not work (No such object (32)). Any ideas?
Ingo
On 2013-07-02 13:
).
testing it with:
~$ ldapsearch -xLLL "(&(objectClass=posixGroup)(gidNumber=1002))"
dn: cn=gemeinsam,ou=groups,ou=home,dc=hoeft-online,dc=de
cn: gemeinsam
gidNumber: 1002
objectClass: top
objectClass: posixGroup
memberUid: ingo
memberUid: uschi
~$
Now I try to restrict anonymous read