« 返回到 LDAP

LDAP with OpenDS

标签: ldap opends opendj

You can see the configurations in following pictures. 

 

0 附件
33654 查看
平均 (0 票)
满分为 5,平均得分为 0.0。
评论
讨论主题回复 作者 日期
whole the appreciation goes to Tom Yeo. Chris Shayan 2009年12月11日 上午2:34
Hi Chris, Can you add some more details about... Jorge Ferrer 2009年12月11日 上午9:53
Hey about mentionidng the name you're right,... Chris Shayan 2009年12月12日 上午10:31
Also, since I spent some time to find out:... Bruno Vernay 2010年10月22日 上午5:09

whole the appreciation goes to Tom Yeo.
在 09-12-11 上午2:34 发帖。
Hi Chris,

Can you add some more details about the configuration?

Also, please avoid mentioning names in the wiki article text, since that discourages further collaboration by other community members.
在 09-12-11 上午9:53 发帖。
Hey
about mentionidng the name you're right, but in the comments i should mention the Tom Yeo's name just to take care about his credit as well. Thx for notice.

What kind of detail configuration you want to know?
在 09-12-12 上午10:31 发帖以回复 Jorge Ferrer
Also, since I spent some time to find out: "isMemberOf" is an "Operational" attribute.

It means that it is calculated from the Group's "member" (or "uniqueMember") attribute, which by opposition is a "User defined" attribute.

Why it is important ? Because "Operational" attribute does not behave like "User defined" attribute. For example, if you define an ACL to authorize read access to all attribute, you may write:
aciemoticontarget = "ldap:///ou=people,dc=ZZtop,dc=com")
(targetattr="*")
(version 3.0; acl "Read all user defined attributes";
allow (read) userdn="ldap:///uid=LifBind,ou=systemAccount,dc=ZZtop,dc=com";)

But if you want to be able to read the "operational" attribute "isMemberOf", you will have to be specific: (targetattr="*||isMemberOf")

Hope that it will avoid others to loose some hours.
By the way check out OpenDJ: http://forgerock.com/opendj.html
在 10-10-22 上午5:09 发帖。