Hello, I've read that the schema compatibility plugin should provide a vanilla RFC 2307 view of groups with memberUid attributes. I need this for our OS X clients, which don't seem capable of understanding the RFC 2307bis format of member DNs.
So, I enabled the plugin using `ipa-compat-manage enable` and ensured it's loaded via `ipa-compat-manage status`. I restarted the directory server. However, I don't get memberUid attributes. I've seen some docs that say "cn=compat" should be added to the default base, but that returns nothing: ldapsearch -LLL -x -h sbgrid-directory -b cn=groups,cn=accounts,cn=compat,dc=sbgrid,dc=org cn=builders No such object (32) Matched DN: dc=sbgrid,dc=org When I search the default base, things look unchanged (obviously, no memberUid here): ldapsearch -LLL -x -h sbgrid-directory -b cn=groups,cn=accounts,dc=sbgrid,dc=org cn=builders | grep member member: uid=ian,cn=users,cn=accounts,dc=sbgrid,dc=org I seem to remember when I first setup the FreeIPA server, there *was* a cn=compat tree... did disabling it at some point cause it to stop working? Best, Ian _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
