memberOf attributes not working through slapd-ldap backend
- To: openldap-technical@openldap.org
- Subject: memberOf attributes not working through slapd-ldap backend
- From: Liam Gretton <liam.gretton@leicester.ac.uk>
- Date: Thu, 27 May 2010 22:12:38 +0100
- Organization: IT Services, University Of Leicester
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.1.8) Gecko/20100227 Thunderbird/3.0.3
Hi,

Main LDAP server is 2.4 on openSUSE. The memberof overlay is in use.

On any openSUSE clients (also OpenLDAP 2.4), ldapsearch on a uid with a
'+' for the attribute arguments correctly returns the memberOf
attributes as created by the overlay.

On Scientific Linux 5.4 I have a build of OpenLDAP 2.4 (not mine,
supplied by our vendor which repackages some components). I've set up a
proxy server there which uses slapd-ldap to proxy connections back to
the openSUSE LDAP server.

On the SL system, ldapsearch talking directly to the openSUSE server
correctly returns the memberOf attributes when using '+'. But when going
through the local proxy server, they don't appear. The server log says
"PROXIED attributeDescription "MEMBEROF" inserted"; if I specify the
attribute explicitly (e.g. ldapsearch uid=liam memberof) the memberOf
attributes are displayed, but all in capitals, as if there's a schema
missing.

One possibly important point: we're using the rfc2307bis schema on our
main server, and this isn't supplied with the SL distribution of
OpenLDAP, so I've just copied it over to the SL system.

I think this suggests a broken build of OpenLDAP 2.4 supplied by our
vendor, but is there anything I might be doing wrong? The proxy server's
slapd.conf file is as so:

include /cm/local/apps/openldap/etc/schema/core.schema
include /cm/local/apps/openldap/etc/schema/cosine.schema
include /cm/local/apps/openldap/etc/schema/inetorgperson.schema
include /cm/local/apps/openldap/etc/schema/rfc2307bis.schema
include /cm/local/apps/openldap/etc/schema/rcsperson.schema
argsfile /var/run/openldap/slapd.args
pidfile /var/run/openldap/slapd.pid
database ldap
monitoring off
uri ldap://opensuse.ldapserver.example.com
tls start tls_cacertdir=/etc/openldap/certs
suffix dc=example,dc=com
rootdn "cn=admin,dc=example,dc=com"
--
Liam Gretton liam.gretton@le.ac.uk
HPC Architect http://www.le.ac.uk/its/
IT Services Tel: +44 (0)116 2522254
University Of Leicester, University Road
Leicestershire LE1 7RH, United Kingdom
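
Added example (not part of the original message): a small Python check for the symptom described above. It collects attribute names from the "PROXIED attributeDescription ... inserted" log message quoted in the post and reports those that have no attributetype definition in the schema text the proxy loads. The log prefix, the schema excerpt and the function names are constructed for illustration.

```python
import re

# The slapd message fragment quoted in the post.
PROXIED_RE = re.compile(r'PROXIED attributeDescription "([^"]+)" inserted')
# NAME 'x'  or  NAME ( 'x' 'y' )  inside an attributetype definition.
NAME_RE = re.compile(r"\bNAME\s+(?:'([^']+)'|\(\s*((?:'[^']+'\s*)+)\))")

def defined_attributes(schema_text):
    """Lower-cased attribute names defined in slapd.conf-style schema text."""
    unfolded = re.sub(r"\n[ \t]+", " ", schema_text)  # join continuation lines
    names = set()
    for line in unfolded.splitlines():
        if not line.lower().startswith("attributetype"):
            continue
        m = NAME_RE.search(line)
        if m:
            names.update(n.lower() for n in re.findall(r"[^'\s]+", m.group(1) or m.group(2)))
    return names

def undefined_on_proxy(log_text, schema_text):
    """Attributes the proxy logged as PROXIED that its schema does not define."""
    known = defined_attributes(schema_text)
    seen = sorted({m.group(1) for m in PROXIED_RE.finditer(log_text)})
    return [a for a in seen if a.lower() not in known]

# Constructed sample input: a two-definition schema excerpt and three log lines.
SAMPLE_SCHEMA = """
attributetype ( 1.3.6.1.1.1.1.12 NAME 'memberUid'
    EQUALITY caseExactIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
attributetype ( 0.9.2342.19200300.100.1.1 NAME ( 'uid' 'userid' )
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
"""
SAMPLE_LOG = """
May 27 22:01:10 proxy slapd[2101]: conn=5 op=1 PROXIED attributeDescription "MEMBEROF" inserted.
May 27 22:01:10 proxy slapd[2101]: conn=5 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
May 27 22:03:42 proxy slapd[2101]: conn=6 op=1 PROXIED attributeDescription "MEMBEROF" inserted.
"""

if __name__ == "__main__":
    print(undefined_on_proxy(SAMPLE_LOG, SAMPLE_SCHEMA))
```

To use it on a real proxy, pass the concatenated contents of the files named on the include lines of slapd.conf as schema_text and the slapd log as log_text.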