ldap issues
Thomas Jensch
riepernet at fsfe.org
Mon Mar 20 07:41:14 CET 2023
Hello,
I stumbled upon a ldap issue. Since I am no expert in this field, I
welcome any help to solve the problem.
The other day I enabled some other services like openproject, jellyfin
to access the kolab-ldap.
In kolab I set up several "Simple Group (Static)" to restrict access.
Also, I enabled the memberOf-overlay so the applications can filter
allowed users by (memberOf=cn=<groupname>,ou=Groups,...).
So far, so good, that works.
However, now it is not possible to change the password anymore for any
user with a memberOf-attribute. The webadmin only states "internal
error". In the dirsrv error log I found some entry
oc_check_allowed_sv ... attribute "memberOf" not allowed
and the pykolab.log states "WARNING [1825] Option does not exist in
defaults" with timestamps of the change password attempt.
I am not quite sure how to tackle the issue.
After disableing the memberOf-overlay and deleting the attribute from
the users in question I am able to change the passwords again.
Thanks very much
Thomas
More information about the users
mailing list