I've attempted to answer your questions: dn: CN=Role1,OU=MyApp,OU=Applications,OU=Groups,DC=myCompany,DC=com objectClass: top objectClass: *groupofnames* cn: Role1 description: Standard-User
Or you can use the groupofuniquenames objectclass. dn: CN=FirstName LastName,OU=AD,OU=MyDepartment,DC= My Company,DC=ch Looks like the dc portion of your dn values for your group and user differ: group entry: DC=myCompany,DC=com user entry: DC= My Company,DC=chI am going to guess that "DC=myCompany,DC=com" is the correct value, not "DC= My Company,DC=ch" so I am revising the user entry to:
dn: CN=FirstName LastName,OU=AD,OU=MyDepartment,DC=MyCompany,DC=com objectClass: top *objectClass: someAccount* objectClass: person objectclass:inetOrgPerson objectClass: organizationalPerson *objectClass: user* cn: FirstName LastName sn: LastName givenName: FirstName displayName: FirstName LastNameQuestion, in ApacheDS directory, if the OU=AD,OU=MyDepartment,DC=MyCompany,DC=com& OU=MyApp,OU=Applications,OU=Groups,DC=myCompany,DC=com container structures do not exist, they need to be created before you can add your user and group entry.
On your user entry, I've removed the objectclass line that contains the someAccount and user words. And added inetorgperson.
Once your group and user are created you can add your user to your group via the ApacheDS admin tool or via ldapmodify command line tool via an ldif file.
On 8/16/18 10:33 AM, Milan Tomic wrote:
Hello I am compleatelly new to LDAP and it is much more difficult than I thought. I am trying to develop in Java simple app that would access LDAP. For given userName it would read user rights stored in LDAP (associated user groups) and user properties (givenName, sn, postalCode...). I got .ldif file exported from ActiveDirectory, installed ApacheDS, and naive tried to import .ldif from ActiveDirectory into ApacheDS. It didn't worked. Some objectClases that ActiveDirectory has, ApacheDS doesn't have/support. Now I would like to create as close as possible structure in my local installation of ApacheDS as it is in real ActiveDirectory. User group example: dn: OU=MyApp,OU=Applications,OU=Groups,DC=myCompany,DC=comobjectClass: topobjectClass: organizationalUnitou: MyApp dn: CN=Role1,OU=MyApp,OU=Applications,OU=Groups,DC=myCompany,DC=comobjectClass: topobjectClass: groupcn: Role1description: Standard-UsersAMAccountName: Role1groupType: -2147483646 User example: dn: CN=FirstName LastName,OU=AD,OU=MyDepartment,DC= My Company,DC=chobjectClass: topobjectClass: someAccountobjectClass: personobjectClass: organizationalPersonobjectClass: usercn: FirstName LastName sn: LastName givenName: FirstName displayName: FirstName LastName 1. How do I need to modify original group and user (exported from ActiveDirectory) so that I can import it into ApacheDS?2. How do I assign "group Role1" to the "user" in ApacheDS? Should I add "objectClass: Role1" to the user or something else? Thank you very much in advance,Milan
-- D o n a l d L o h r I n f o r m a t i o n S y s t e m s J a m e s M a d i s o n U n i v e r s i t y 5 4 0 . 5 6 8 . 3 7 3 0 DOS: Bad command or file name bash: command not found
smime.p7s
Description: S/MIME Cryptographic Signature
