« LDAP に戻る

LDAP with OpenDS

タグ: ldap opends opendj

You can see the configurations in following pictures. 

 

0 添付ファイル
33652 参照数
平均 (0 投票)
平均評価は0.0星中の5です。
コメント
コメント 作成者 日時
whole the appreciation goes to Tom Yeo. Chris Shayan 2009/12/11 2:34
Hi Chris, Can you add some more details about... Jorge Ferrer 2009/12/11 9:53
Hey about mentionidng the name you're right,... Chris Shayan 2009/12/12 10:31
Also, since I spent some time to find out:... Bruno Vernay 2010/10/22 5:09

whole the appreciation goes to Tom Yeo.
投稿日時:09/12/11 2:34
Hi Chris,

Can you add some more details about the configuration?

Also, please avoid mentioning names in the wiki article text, since that discourages further collaboration by other community members.
投稿日時:09/12/11 9:53
Hey
about mentionidng the name you're right, but in the comments i should mention the Tom Yeo's name just to take care about his credit as well. Thx for notice.

What kind of detail configuration you want to know?
Jorge Ferrerへのコメント。投稿日時:09/12/12 10:31
Also, since I spent some time to find out: "isMemberOf" is an "Operational" attribute.

It means that it is calculated from the Group's "member" (or "uniqueMember") attribute, which by opposition is a "User defined" attribute.

Why it is important ? Because "Operational" attribute does not behave like "User defined" attribute. For example, if you define an ACL to authorize read access to all attribute, you may write:
aciemoticontarget = "ldap:///ou=people,dc=ZZtop,dc=com")
(targetattr="*")
(version 3.0; acl "Read all user defined attributes";
allow (read) userdn="ldap:///uid=LifBind,ou=systemAccount,dc=ZZtop,dc=com";)

But if you want to be able to read the "operational" attribute "isMemberOf", you will have to be specific: (targetattr="*||isMemberOf")

Hope that it will avoid others to loose some hours.
By the way check out OpenDJ: http://forgerock.com/opendj.html
投稿日時:10/10/22 5:09