LDAP Groups

[MaxM]

I ran this command and it did give me a list of groups I am in:

ldapsearch -x -b "ou=group,dc=company,dc=com" "(&(memberUid=myuid)(objectClass=groupofuniquename s))" cn

I was also able to run:
ldapsearch -x -b "ou=group,dc=company,dc=com" "(&(uniqueMember=uid=myuid,ou=people,dc=company,dc =com)(objectClass=posixgroup))" cn

Ok thats great! I'll probably make that query configurable and have a variable $1 be substituted with the username.

Can someone with Novell's eDirectory please try this?

[jamest]

Dunno if this is off topic since i'm not talking about Novell eDirectory.

I'm using OpenLDAP and i can see the groups but it won't pull the members of the groups.

i set the following:

groupquery: (cn=$1)
groupqueryall: (objectclass=posixgroup)
groupmembersattribute: memberUid

[MaxM]

Dunno if this is off topic since i'm not talking about Novell eDirectory.

I'm using OpenLDAP and i can see the groups but it won't pull the members of the groups.

Thats correct -- group members aren't displayed but a user should list what groups they're a part of when doing a GET: users/{username}

[jamest]

I'm not getting associated groups when i query the user:

So i goto the browser and enter:
https://wiki/@api/deki/services/default/10/users/james

I get:
<user name="james" displayname="James">
<ldap-dn>uid=james,ou=People,dc=example,dc=com</ldap-dn>
<date.created>0001-01-01T08:00:00Z</date.created>
<firstname>james</firstname>
<lastname>t</lastname>
<phonenumber>1800</phonenumber>
<email>james@example.com</email>
<description/>
</user>

That's using the current group settings i have.

So wouldn't the groupquery: cn=$1 conflict with the userquery i have where uid=$1
so they'd both be trying to find an id of the username when i query the user?

Only thing is if i leave the groupquery: $1 out of the service definitions then it won't find groups
when i try to with only groupqueryall and memberuidattribute it results in a "not found"

Thanks,
James

[dashu]

Is anyone working on the openldap group issue? Couldn't find it in Mantis as an issue that is being worked on. This thread hasn't had a post in almost three weeks.

[MaxM]

Is anyone working on the openldap group issue? Couldn't find it in Mantis as an issue that is being worked on. This thread hasn't had a post in almost three weeks.

It hasn't been actively worked on yet. I'm going to make this change soon and post a new binary for everyone to beta test. Meanwhile, if someone wants to volunteer to post a bug detailing some of the info in this thread that'd be helpful.

Thanks!

[MaxM]

Take a look here http://wiki.opengarden.org/Deki_Wiki...Authentication

for a possible for to this issue using the approach discussed above. Please post any feedback regarding this beta release here: http://forums.opengarden.org/showthread.php?t=2681