[Date Prev][Date Next] [Chronological] [Thread] [Top]

posixGroup & adressbook

To: openldap-software@OpenLDAP.org
Subject: posixGroup & adressbook
From: Waldemar Brodkorb <wbx@luusa.org>
Date: Fri, 27 Sep 2002 01:20:39 +0200
Content-disposition: inline
User-agent: Mutt/1.4i

Hi OpenLDAP'ers,

We use OpenLDAP 2.0.25 on Debian Linux 3.0 for an organisation wide adressbook 
and unix logins. We are finetuning our setup and encountered a
problem. I'll appreciate your comments, how to solve the problem. 

The objectclass "posixGroup" use the attribute "cn", so that we get
a naming problem for the RDN and unixgroupname. 

All preferred mailclients (Netcape/Mozilla/Pine) search for cn
entries, so that all unix groups are shown for the client. 
This short name is not very informative for an enduser.
(for example: "bachelor02" instead of "List of all bachelor students
2002") 

If we add another "cn" entry, every mailclient behaves differently,
netscape use the second entry, pine the first ... not very
determinist.

I would prefer a server side solution.

Any hints?

One idea I have, is to use a new objectclass with one attribute
(addonGroup/groupName) which every group will include. 
Then I could patch nss_ldap to search for "groupName" instead of
"cn". (necessary modifications to nss-ldap, seems to be very small) 

But I don't know if this will break anything else.

thanks in advance for any response.

bye
  Waldemar

-- 
8485 D0CE 2743 656E 867C  5C93 0317 AFD8 BE21 BD90

Prev by Date: RE: Authentication using DN or uid? - RESOLVED
Next by Date: Invalid credentials again :///
Index(es):
- Chronological
- Thread