I am trying to set my base dn to the dc=ufv,dc=br but i cannot retrieve group information, here you have it:
Using the full DN, it works ok! sioux@gustav$ ldapsearch -x -w XYZ -D cn=ypldap,ou=appsrv,dc=ufv,dc=br -b ou=group,dc=ufv,dc=br '(objectClass=posixGroup)' But when i take out ou=group: sioux@gustav$ ldapsearch -x -w XYZ -D cn=ypldap,ou=appsrv,dc=ufv,dc=br -b dc=ufv,dc=br '(objectClass=posixGroup)' It does not work. Any suggestion(s)? On Mon, Jul 4, 2011 at 7:09 PM, Nigel Taylor <njtay...@asterisk.demon.co.uk> wrote: > On 07/04/11 21:30, Friedrich Locke wrote: >> >> Hi, >> >> I am trying to get ypldap.conf running and i had a doubt reading >> ypldap.conf man page. I configured my ldap server as: >> >> ou=people,dc=ufv,dc=br holding entries for posixAccount, and >> ou=groups,dc=ufv,dc=br holding entries for posixGroup. >> >> AFAIK, ypldap.conf has only a single "basedn" directive. Due to my >> lack of experience i got confused. >> I would be glad to learn from your experience implementing ypdalp if >> you would like to chare it. >> >> Thanks once more. >> >> Friedrich. >> >> > Hi, > > ou organizational unit, is only relevant if you have multiple. So for the > search base you can omit the ou, your find all in ObjectClass posixGroup or > posixAccount. If you had posixAccount in an ou=Sales and ou=Engineering and > wanted to restrict the query to one of those ou's then you give the ou. > > Rather than "groups" the ou generally is called "group". > > The basedn "dc=ufv,dc=br" is all that is required for more complex you can > put in the filter, > group filter "(&(ObjectClass=PosixGroup)(ou=group))" > > as all PosixGroup are in the ou group so ou=group is always true reduces to. > > group filter "(ObjectClass=PosixGroup)" > > Example extract from my LDIF file... > > dn: ou=people,dc=my,dc=internal,dc=local > objectClass: organizationalUnit > ou: people > > dn: ou=group,dc=my,dc=internal,dc=local > objectClass: organizationalUnit > ou: group > > ..... > dn: cn=napops,ou=group,dc=my,dc=internal,dc=local > objectClass: posixGroup > objectClass: top > cn: napops > gidNumber: 5025 > memberUid: dmell01 > memberUid: npope01 > ..... > > dn: uid=npope01,ou=people,dc=my,dc=internal,dc=local > uid: npope01 > cn: Neil Pope > objectClass: account > objectClass: posixAccount > objectClass: top > uidNumber: 5058354 > gidNumber: 5069 > gecos: Neil Pope > homeDirectory: /home/npres01 > loginShell: /bin/ksh > ..... > > > Regards > > Nigel Taylor
