0
Я использую 64-разрядную версию CentOs 6.x, и я пытаюсь установить атрибуты memberof для наложения элементов в openldap, но он, похоже, не работает. Я уверен, что это то, что я делаю, но я не понял почему.Элементы Openldap элементов наложения не действуют. Зачем?
Отрывок из моей резервной LDIF выглядеть следующим образом:
dn: dc=two,dc=example,dc=com
description: Example.Com, your trusted non-existent corporation.
dc: two
o: Two.Example.Com
objectClass: top
objectClass: dcObject
objectClass: organization
structuralObjectClass: organization
entryUUID: db07fc76-375c-1034-9316-31842acd382b
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 2015Z
entryCSN: 2015.520657Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 2015Z
dn: ou=Users,dc=two,dc=example,dc=com
ou: Users
description: Two.Example.Com Users
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: db0fb5ba-375c-1034-9317-31842acd382b
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 2015Z
entryCSN: 2015.571271Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 2015Z
dn: ou=Groups,dc=two,dc=example,dc=com
ou: Groups
description: Two.Example.Com Groups
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: db13850a-375c-1034-9318-31842acd382b
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 2015Z
entryCSN: 2015.596246Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 2015Z
dn: ou=System,dc=two,dc=example,dc=com
ou: System
description: Special accounts usedd by software applications.
objectClass: organizationalUnit
structuralObjectClass: organizationalUnit
entryUUID: db161c5c-375c-1034-9319-31842acd382b
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 2015Z
entryCSN: 2015.613008Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 2015Z
dn: uid=matt2,ou=Users,dc=two,dc=example,dc=com
ou: Users
cn: Matt2 Butcher
sn: Butcher
givenName: Matt2
givenName: Matthew2
displayName: Matt2 Butcher
title: Systems Integrator
description: Systems Integration and IT for Example.Com
employeeType: Employee
departmentNumber: 001
employeeNumber: 001-08-98
mail: [email protected] two.example.com
mail: [email protected] two.example.com
roomNumber: 301
telephoneNumber: + 1 555 555 4321
mobile: + 1 555 555 6789
st: Illinois
l: Chicago
street: 1234 Cicero Ave.
homePhone: + 1 555 555 9876
homePostalAddress: 1234 home street $ Chicago, IL $ 60699-1234
preferredLanguage: en-us, en-gb
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
structuralObjectClass: inetOrgPerson
uid: matt2
entryUUID: db1758d8-375c-1034-931a-31842acd382b
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 2015Z
userPassword:: c2VjcmV0Mg==
entryCSN: 20150212215925.305826Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 20150212215925Z
dn: uid=barbara2,ou=Users,dc=two,dc=example,dc=com
ou: Users
uid: barbara2
sn: Jensen
cn: Barbara2 Jensen
givenName: Barbara
displayName: Barbara2 Jensen
mail: [email protected] two.example.com
userPassword:: c2VjcmV0Mg==
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
structuralObjectClass: inetOrgPerson
entryUUID: db1b2904-375c-1034-931b-31842acd382b
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 2015Z
entryCSN: 2015.646304Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 2015Z
dn: cn=LDAP Admins,ou=Groups,dc=two,dc=example,dc=com
cn: LDAP Admins
ou: Groups
description: Users who are LDAP administrators
uniqueMember: uid=barbara2,ou=Users,dc=two,dc=example,dc=com
uniqueMember: uid=matt2,ou=Users,dc=two,dc=example,dc=com
objectClass: groupOfUniqueNames
structuralObjectClass: groupOfUniqueNames
entryUUID: db1c6a26-375c-1034-931c-31842acd382b
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 2015Z
entryCSN: 20150212205145.765939Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 20150212205145Z
dn: uid=authenticate,ou=System,dc=two,dc=example,dc=com
uid: authenticate
ou: System
description: Special account for authenticating users
userPassword:: c2VjcmV0Mg==
objectClass: account
objectClass: simpleSecurityObject
structuralObjectClass: account
entryUUID: db1dbbe2-375c-1034-931d-31842acd382b
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 2015Z
entryCSN: 2015.663007Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 2015Z
dn: cn=PentahoAdmin,dc=two,dc=example,dc=com
cn: PentahoAdmin
description: PentahoAdmin Group
objectClass: groupOfUniqueNames
structuralObjectClass: groupOfUniqueNames
entryUUID: a2b8ea68-45aa-1034-9bad-9b580235c5b1
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 20150210195624Z
uniqueMember: uid=barbara2,ou=Users,dc=two,dc=example,dc=com
entryCSN: 20150212205241.018162Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 20150212205241Z
dn: cn=PentahoPowerUser,dc=two,dc=example,dc=com
cn: PentahoPowerUser
description: PentahoPowerUser Group
objectClass: groupOfUniqueNames
structuralObjectClass: groupOfUniqueNames
entryUUID: a2bd52f6-45aa-1034-9bae-9b580235c5b1
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 20150210195624Z
uniqueMember: uid=matt2,ou=Users,dc=two,dc=example,dc=com
entryCSN: 20150212205232.847745Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 20150212205232Z
dn: cn=PentahoUser,dc=two,dc=example,dc=com
cn: PentahoUser
uniqueMember: uid=barbara2,ou=Users,dc=two,dc=example,dc=com
uniqueMember: uid=matt2,ou=Users,dc=two,dc=example,dc=com
uniqueMember: uid=test1,ou=People,dc=two,dc=example,dc=com
description: PentahoUser Group
objectClass: groupOfUniqueNames
structuralObjectClass: groupOfUniqueNames
entryUUID: a2be5214-45aa-1034-9baf-9b580235c5b1
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 20150210195624Z
entryCSN: 20150220200228.971207Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 20150220200228Z
dn: ou=Group,dc=two,dc=example,dc=com
objectClass: organizationalUnit
ou: Group
structuralObjectClass: organizationalUnit
entryUUID: 5f75e188-480d-1034-84d8-d19f432d9181
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 20150213204813Z
entryCSN: 20150213204813.728965Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 20150213204813Z
dn: ou=People,dc=two,dc=example,dc=com
objectClass: organizationalUnit
ou: People
structuralObjectClass: organizationalUnit
entryUUID: 5f79f37c-480d-1034-84d9-d19f432d9181
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 20150213204813Z
entryCSN: 20150213204813.755642Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 20150213204813Z
dn: uid=test1,ou=People,dc=two,dc=example,dc=com
objectClass: account
uid: test1
structuralObjectClass: account
entryUUID: 5f7af9e8-480d-1034-84da-d19f432d9181
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 20150213204813Z
entryCSN: 20150213204813.762359Z#000000#000#000000
modifyTimestamp: 20150213204813Z
memberOf: cn=testgroup,ou=Group,dc=two,dc=example,dc=com
memberOf: cn=PentahoUser,dc=two,dc=example,dc=com
modifiersName: cn=Manager,dc=two,dc=example,dc=com
dn: cn=testgroup,ou=Group,dc=two,dc=example,dc=com
objectClass: groupOfNames
cn: testgroup
structuralObjectClass: groupOfNames
entryUUID: 5f7c3fce-480d-1034-84db-d19f432d9181
creatorsName: cn=Manager,dc=two,dc=example,dc=com
createTimestamp: 20150213204813Z
member: uid=test1,ou=People,dc=two,dc=example,dc=com
entryCSN: 20150213213917.067904Z#000000#000#000000
modifiersName: cn=Manager,dc=two,dc=example,dc=com
modifyTimestamp: 20150213213917Z
Мой slapd.conf фрагмент кода выглядит следующим образом:
##########################
# Database Configuration #
##########################
database hdb
suffix "dc=two,dc=example,dc=com"
rootdn "cn=Manager,dc=two,dc=example,dc=com"
rootpw secret2
directory /var/lib/ldap
# directory /usr/local/var/openldap-data
index objectClass,cn eq
overlay memberof
memberof-group-oc groupOfUniqueNames
memberof-member-ad uniqueMember
memberof-refint true
Когда я выполнить ldapsearch для UID = test1 и запросить атрибут memberOf, он возвращает две группы. Но, когда я выполняю тот же поиск для uid = barbara2, он ничего не возвращает.
Что я делаю неправильно? Почему кажется, что атрибуты memberof в моем slapd.conf игнорируются?
Это было исправление. Спасибо. – BBuzzard