Announcement

Collapse
No announcement yet.

groups not created when using memberAttributeIsDN=yes

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • groups not created when using memberAttributeIsDN=yes

    I have a ldap schema where membership to the group is defined using a complete dn like "uid=username,ou=users,dc=ldap" so I have configured ldapsync.conf to use "memberAttributeIsDN=yes", but when synchronising it doesn't create the groups.

    I've been checking the code and I've seen the function getUid() has a commented part. I tried to uncomment this and it worked straight away.

    I don't know why it was changed but it seems the new code doesn't work with the configuration I have.

  • #2
    Hi fr3nd,

    we expirienced the same problems. after checking the code i found the problem which was an incorrect search filter / dn combination. please modify "lib/OX/LDAPConnector/ldap.pm" in the following way and check again :

    ################################################## ##
    #
    # returns the uid from a distinguished name
    #
    ################################################## ##
    sub getUid()
    {
    my $self = shift;
    my $dn = shift;

    my $ldap = $self->{ldap};
    my $basedn = $self->{userbasedn};

    my $filter = "dn=$dn";

    #BEGIN MODIFICATION
    my @splitdn = split(/,/, $dn);
    my $filter = shift(@splitdn);
    my $basedn = join(",", @splitdn);

    my $mesg = $self->subsearch($ldap, $basedn, $filter);
    if (my $entry = $mesg->pop_entry())
    {
    print ($entry->get_value($self->{uidattribute})."\n");
    return ($entry->get_value($self->{uidattribute}));
    }
    #END MODIFICATION
    }

    with kind regards
    lars

    Comment


    • #3
      Hi,

      can you please tell what kind of ldap server you are using? I don't really where the problem with this function is.

      Comment


      • #4
        Hi,
        we're using OpenLDAP 2.4.12 on SuSE Linux Enterprise Server 11. However, by checking the source code of oxldapsync and using the generated search filter with ldapsearch on the command line we modified the source code as already posted and the oxldapsync worked fined.

        kind regards
        lars

        Comment

        Working...
        X