Re: Search memberOf

[Arianna Milazzo <arianna@ariannamicrochip.it>]

I have a "member" table defined as:

id (= id record) - gid (= group id) - pers_id (= person id)

the others table involved are "groups" table (gid - name - cn - dn)

and persons (id - name - surname - .....) [where id is same of keyval in ldap_entries]

2018-08-08 19:20 GMT+02:00 Dieter Klünter <dieter@dkluenter.de>:

Am Wed, 8 Aug 2018 15:19:23 +0200
schrieb Arianna Milazzo <arianna@ariannamicrochip.it>:

> Ok, I understand that it isn't supported, but at the moment I can't
> try other solutions.
> And since that aside from that filter, the rest works, I don't want
> to give up like that.
>
> Infact if I look for the following values (then on the groups)
> Search base: cn=groupname,ou=group,dc=pigreco,dc=it
> Filter: (member=cn=Name Surname,ou=people,dc=pigreco,dc=it)
> I get if Name Surname is part of the groupname group
>
> If I search
> Search base: dc=pigreco,dc=it
> Filter: (member=cn=Name Surname,ou=people,dc=pigreco,dc=it)
> I get the list of which groups Name Surname belongs
>
> *But with this (then on the people)*
> Search base: dc=pigreco,dc=it
> Filter: (memberOf=cn=groupname,ou=group,dc=pigreco,dc=it)
>
>
> *I have no result and in the log I read:get_ava: illegal value for
> attributeType memberof*

please note that memberOf attributetype is defined as:

( 1.2.840.113556.1.2.102 "
                "NAME 'memberOf' "
                "DESC 'Group that the entry belongs to' "
                "SYNTAX '1.3.6.1.4.1.1466.115.121.1.12' "
                "EQUALITY distinguishedNameMatch " 
                "USAGE dSAOperation " 
                "NO-USER-MODIFICATION "
                )
do you have defined any table for this sort of operational attributes.

-Dieter

--
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E