Re: [SGD-Users] Can't see groups using Sun One's Ldap ver 5.2

Wed, 21 Jan 2009 23:43:56 -0800 

Hi David,
It sounds like the Admin Console doesn't recognize the group objects, are they of a custom type? You can confirm this by using the ldapsearch command to retrieve the objectClass attributes of one of the group objects: 


## Note you only need the -D -w options if your directory server doesn't 
allow anonymous searches.
# ldapsearch -h <ldap-server> [-D <bind_dn> -w -] -b <dn_of_a_group> "*" 
objectclass


The Admin Console, by default, matches the following filter:

"(|(objectclass=group)(objectclass=groupofnames)(objectclass=groupofuniquenames))"


This can be customized if needed by editing 
/opt/tarantella/webserver/tomcat/<tc_version>/webapps/sgdadmin/WEB-INF/web.xml 
and changing the LdapGroupFilter parameter.


Also, you could try adding the group assignment from the command line:

# /opt/tarantella/bin/tarantella object edit \
   --name "o=Applications/<application_object_name>" \
   --ldapgroups "<dn_of_a_group>"

Hope this helps,

-- DD

David Worth wrote:

Hi,


I just recently installed SGD version 4.41 on Solaris 10.  I want to 
authenticate against Sun's Java System Directory, formerly known as 
Sun One Directory Server.  I was successfully able to setup LDAP and I 
am able to see users, however when I go to browse groups, I get no 
objects found.  I am doing this while adding a group to assigned user 
profiles for an application.



I followed the steps in the SGD documentation as far as adding an 
atribute for SGD when searching groups.  The members of the group are 
added to memberUid.  I also added the uid to the short name 
attribute.  Here is what I added:



tarantella config list 
--com.sco.jndi.toolkit.utils.LDAPUserCollection.properties-directAttributes 


directAttributes: { uniquemember, member, uniqueMember, memberUid }


tarantella config list 
--com.sco.jndi.toolkit.utils.LDAPUserCollection.properties-userShortAttributes 


userShortAttributes: { uid }


Is there something else that I am missing?  I am guessing there is 
another step, since at this point I can not even browse any of the 
groups, i.e. when I click on groups in the admin window, I get none 
found.


Thanks for any help.
Regards

_______________________________________________
SGD-Users mailing list
SGD-Users@filibeto.org
http://www.filibeto.org/mailman/listinfo/sgd-users


_______________________________________________
SGD-Users mailing list
SGD-Users@filibeto.org
http://www.filibeto.org/mailman/listinfo/sgd-users






















					Reply via email to