From: Jamie C. <jca...@we...> - 2013-12-21 22:01:40
On 21/Dec/2013 10:24 Stephen G. Parry <sg...@ma...> wrote ..
> Hi,
> I have recently had to reconfigure my OpenLDAP server to use RFC2307bis
> groups, rather than the more usual RFC2307. A lot of admins are finding
> the need to do this, mainly to get a working memberOf attribute for use
> with many popular applications such as owncloud that are too dim to make
> separate group and user lookups. The main difference between 2307 and
> 2307bis is that the members of a group are stored in 'member' or
> 'uniqueMember' attributes, not 'memberUid', and they are DNs not just
> uids. Unfortunately, the webmin LDAP users and groups module does not
> appear to cope with this. I have stuck my nose into the code and indeed,
> the attribute name appears to be hard coded and is uid only. Has anyone
> done any work on this? I could try knocking together a patch, but I am
> not a perl coder, so the learning curve would be steep.
> Thanks in advance
> Stephen Parry

Hi Stephen,

Does using RFC2307bis mean that the schema for Unix users and groups stored in LDAP changes? My understanding is that the schema is what defines the names of fields, and that changing this would also break NSS-LDAP (the Linux library that allows users and groups to be stored in LDAP).

- Jamie
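The membership difference described in the quoted message, as an added example that is not part of either poster's message and is not Webmin's code: a Python sketch that reads group members from either style, taking bare uids from 'memberUid' and deriving uids from the DNs in 'member' or 'uniqueMember'. The sample entries, the dc=example,dc=com tree and the function names are constructed for illustration; DNs whose leftmost RDN is not a plain uid are returned separately because they need a directory lookup.

```python
# Constructed sample entries (attribute -> list of values); not from the thread.
RFC2307_GROUP = {
    "cn": ["staff"], "gidNumber": ["500"],
    "memberUid": ["alice", "bob"],
}
RFC2307BIS_GROUP = {
    "cn": ["staff"], "gidNumber": ["500"],
    "member": [
        "uid=alice,ou=People,dc=example,dc=com",
        "cn=Carol Smith,ou=People,dc=example,dc=com",  # leftmost RDN is not uid
        "",  # empty placeholder value
    ],
}

def uid_from_dn(dn):
    """Return the uid when the leftmost RDN is a plain uid=..., else None."""
    rdn = dn.split(",", 1)[0]
    if "\\" in rdn or "+" in rdn:
        return None  # escaped or multi-valued RDN: leave to a directory lookup
    attr, _, value = rdn.partition("=")
    value = value.strip()
    return value if attr.strip().lower() == "uid" and value else None

def group_member_uids(entry):
    """Return (sorted uids, DNs that need a lookup) for either group style."""
    # LDAP attribute names are case-insensitive, so normalise the keys.
    attrs = {k.lower(): v for k, v in entry.items()}
    uids, unresolved = set(), []
    # RFC2307: memberUid already holds bare uids.
    uids.update(v for v in attrs.get("memberuid", []) if v)
    # RFC2307bis: member / uniqueMember hold DNs.
    for name in ("member", "uniquemember"):
        for dn in attrs.get(name, []):
            if not dn.strip():
                continue  # skip the empty placeholder
            uid = uid_from_dn(dn)
            if uid:
                uids.add(uid)
            else:
                unresolved.append(dn)
    return sorted(uids), unresolved

if __name__ == "__main__":
    print(group_member_uids(RFC2307_GROUP))
    print(group_member_uids(RFC2307BIS_GROUP))
```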