Re: Trouble enabling memberof plugin

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I did restart the server.  The following is an example of a user entry:

dn: uid=craig@xxxxxxxx,ou=demo,ou=People,dc=demo,dc=com
objectClass: accountPolicy
objectClass: inetOrgPerson
objectClass: inetUser
objectClass: nuxeoUser
objectClass: organizationalPerson
objectClass: person
objectClass: pwmUser
objectClass: top
cn: Craig Setera
sn: Setera
givenName: Craig
mail: craig@xxxxxxxx
uid: craig@xxxxxxxx

Here is an example of a group:

dn: cn=administrators,ou=demo,ou=Groups,dc=demo,dc=com
objectClass: groupOfUniqueNames
objectClass: top
cn: administrators
uniqueMember: uid=craig@xxxxxxxx,ou=demo,ou=People,dc=demo,dc=com

The problem that I'm seeing is that having looked at the plugin's source code, I would have expected to at least see this message in the log even if things were misconfigured:

slapi_log_error( SLAPI_LOG_TRACE, MEMBEROF_PLUGIN_SUBSYSTEM,
        "--> memberof_postop_init\n" );

It is almost like the plugin is not being loaded.  However, the configuration seems like it should be fine...

Thanks again,
Craig

On Tue, Sep 8, 2015 at 2:12 PM, Mark Reynolds <mareynol@xxxxxxxxxx> wrote:


On 09/08/2015 03:06 PM, Craig Setera wrote:
Mark,

Thanks for getting back to me.  Hopefully the following will help.

[root@62ca40b09276 /]# rpm -qa 389-ds-base
389-ds-base-1.2.11.15-60.el6.x86_64

In case it matters, I'm running CentOS 6.6 inside of Docker:

[root@62ca40b09276 /]# uname -a
Linux 62ca40b09276 4.0.9-boot2docker #1 SMP Thu Aug 13 03:05:44 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

I'm using the following LDIF entries to enable the plugin:

dn: cn=MemberOf Plugin,cn=plugins,cn=config
changetype: modify
replace: nsslapd-pluginEnabled
nsslapd-pluginEnabled: on
-
replace: memberofgroupattr
memberofgroupattr: uniqueMember
-
replace: memberofattr
memberofattr: memberOf

 Hi Craig,

Did you restart the server after making the above config changes?  You need to.

Do you have an objectclass present in the member entry that allows the "memberOf" attribute?  Like "inetUser". 

Are you adding a "uniqueMember" attribute to a group(and not the "member" attribute)?

Mark

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux