OpenLDAP and backlink support.

by Ashley Penney :: Rate this Message:

I didn't get a reply to my last message, but I've done a lot of work on my problem since and I have a more specific question. Does OpenLDAP (any version of) support the backlink functionality? I am trying to use isMemberOf under my uid=apenney,ou=people to determine groups.

If I do "getent group sftpusers" from the command line it finds it, but if I log in it runs this:

SRCHbase="ou=Roles,dc=law,dc=harvard,dc=edu" scope=2deref=3filter="(|distinguishedName=cn=sftpuser:member,ou=roles,dc=law,dc=harvard,dc=edu)(distinguishedName=cn=sftpuser,ou=roles,dc=law,dc=harvard,dc=edu))"

This then fails, and someone who tested this for me said it seemed to work under a non-openldap server, but not on openldap. If anyone else has set up a similar feature (using roles under people to determine groups, rather than listing people under a group), let me know if it works for you.

As it stands I conclude openldap cannot support this kind of search.

« Return to Thread: OpenLDAP and backlink support.