Hello everybody, Not very familiar with ldap schemas, I’m
struggling with identifier of people and groups in an openldap directory. This question
should not be specific to openldap but I does not found anything clear in RFCs. My current understanding is: -
uidNumber is a unique
number amongst users (posixAccount??), thus each instance of objectclass posixAccount
has a different uidNumber (which is generated by the directory I assume??), -
gidNumber is the same
thing as above but for PosixGroup instances. -
posixAccount has also a
gidNumber attribute but this is the gidNumber referencing primary group of this
user. I would like to browse the attributes of members of a
posixGroup, and I suppose that it is contained in memberUid multi valued
attribute. So, my question is simple : if I’m not wrong
until now, what attribute is contained in memberUid for referencing users and
group ? It should be a attribute fro which unicity is preserved amongst
posixAccount AND posixGroup ? If it is not (which is the case in gidNumber and
uidNumber) how do you know if it is a group or a user you have to search for,
and how can you retrieve the correct instance? Thanks for your clues, Richard |