Linus van Geuns wrote: > [...] > I guess, your web app was designed for M$ Active Directory, as it > stores group memberships in the groups object AND in the users object > using 'memberOf' attribute. > > Standard LDAP only stores group membership in the group objects. > [...] I'm working with a SunDS (modified Novell LDAP server afaik), and it also has this feature, i.e. if you have a group
dn: cn=goodguys,dc=example,dc=com uniqueMember: uid=superman,ou=people,dc=example,dc=com then the entry for this user will automatically have a correct "isMemberOf" attribute dn: uid=superman,ou=people,dc=example,dc=com isMemberOf: cn=goodguys,dc=example,dc=com If ApacheDS doesn't have this feature, it would be nice to have :) br, -- Infineon Technologies IT-Services GmbH [email protected] Lakeside B05, 9020 Klagenfurt, Austria Martin Schuster FB: LG Klagenfurt, FN 246787y +43 5 1777 3517
