Hi,
persons should use inetOrgPerson and PosixAccount schemas :
gidNumber gives primary group.
Then define specific branch ou=posix based on PosixGroup schema and add
the uid of the person in memberUid multiple values attribute to specify
secondary gid.
Regards
Llg
Le 22/02/2012 10:22, Fred van Zwieten a écrit :
Hi all,
warning: openldap newbie..
is it possible to have a person put into an OU and, because of this,
will become member of some group in such a way that this group shows
up in linux using "id". This to implement some form of RBAC. I found
GroupofMembers, but that has nothing to do with OU's. Also, it seems
posixGroup and groupOfMembers objecttypes are no longer allowed
together because the are both STRUCTURAL.
In AD this is possible.
Greetz,
Fred <http://epsilon.eridani.nl>
