groups and memberof attribute
Mihai Badici
mihai at badici.ro
Mon Dec 29 22:19:41 CET 2014
On Monday 29 December 2014 21:29:08 Nikolai Maziashvili wrote:
> Hi,
>
> Usually when i make query on user i get "memberof" ... list of groups
> user is member of... but it seem to me that although i add users to
> several groups i can't get information on their "memberof". Only when i
> query info on group i get "uniquemember" list. I think this luck of
> "memberof" attribute what makes it impossible for me to filter users on
> group bases.
> I could be way off here :), so please don't be shy to educate me.
>
> Kind regards,
> Nikolai
I think this discussion about the opportunity of "memberof" has been long time
ago and the answer was: no :)
As I know, Active Directory is the only directory who use the "memberof"
object.
In some cases you probably need two queries. In other cases you can query for
uniquemember like: ldapsearch -b dc=mydomain,dc=eu -D "cn=Directory Manager"
-x -W uniqueMember="cn=Directory Manager" cn
This will return the groups where Directory Manager is member. You will need
the full cn .
Postfix has a special configuration key for this case:
I use somethink like :
search_attribute = member
query_filter = (&(objectclass=groupofnames)(cn=%s))
result_attribute = uid
special_result_attribute = member
( groupofnames is from inetorgperson schema if i remember well)
>
> PS i have tried creating normal posix groups and "simple" groups, none
> of them gets filtered on. For example owncloud, can detect and
> authenticate all users, can list all (only posix) groups, but it won't
> filter on them. Same goes for other applications and plain ldapsearch
> too.
> _______________________________________________
> users mailing list
> users at lists.kolab.org
> https://lists.kolab.org/mailman/listinfo/users
--
Mihai Bădici
http://mihai.badici.ro
More information about the users
mailing list