<div dir="ltr"><div><div><div>I did restart the server. The following is an example of a user entry:<br><br>dn: uid=<a href="mailto:craig@demo.com">craig@demo.com</a>,ou=demo,ou=People,dc=demo,dc=com<br>objectClass: accountPolicy<br>objectClass: inetOrgPerson<br>objectClass: inetUser<br>objectClass: nuxeoUser<br>objectClass: organizationalPerson<br>objectClass: person<br>objectClass: pwmUser<br>objectClass: top<br>cn: Craig Setera<br>sn: Setera<br>givenName: Craig<br>mail: <a href="mailto:craig@demo.com">craig@demo.com</a><br>uid: <a href="mailto:craig@demo.com">craig@demo.com</a><br><br></div>Here is an example of a group:<br><br>dn: cn=administrators,ou=demo,ou=Groups,dc=demo,dc=com<br>objectClass: groupOfUniqueNames<br>objectClass: top<br>cn: administrators<br>uniqueMember: uid=<a href="mailto:craig@demo.com">craig@demo.com</a>,ou=demo,ou=People,dc=demo,dc=com<br><br></div>The problem that I'm seeing is that having looked at the plugin's source code, I would have expected to at least see this message in the log even if things were misconfigured:<br><br>slapi_log_error( SLAPI_LOG_TRACE, MEMBEROF_PLUGIN_SUBSYSTEM,<br> "--> memberof_postop_init\n" );<br></div><div><div><div><div><div class="gmail_extra"><br></div><div class="gmail_extra">It is almost like the plugin is not being loaded. However, the configuration seems like it should be fine...<br><br>Thanks again,<br></div><div class="gmail_extra">Craig<br><br></div><div class="gmail_extra"><div class="gmail_quote">On Tue, Sep 8, 2015 at 2:12 PM, Mark Reynolds <span dir="ltr"><<a href="mailto:mareynol@redhat.com" target="_blank">mareynol@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span class="">
<br>
<br>
<div>On 09/08/2015 03:06 PM, Craig Setera
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div>
<div>
<div>
<div>
<div>Mark,<br>
<br>
Thanks for getting back to me. Hopefully the
following will help.<br>
<br>
[root@62ca40b09276 /]# rpm -qa 389-ds-base<br>
389-ds-base-1.2.11.15-60.el6.x86_64<br>
<br>
</div>
In case it matters, I'm running CentOS 6.6 inside of
Docker:<br>
<br>
[root@62ca40b09276 /]# uname -a<br>
Linux 62ca40b09276 4.0.9-boot2docker #1 SMP Thu Aug 13
03:05:44 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux<br>
<br>
</div>
I'm using the following LDIF entries to enable the plugin:<br>
<br>
dn: cn=MemberOf Plugin,cn=plugins,cn=config<br>
changetype: modify<br>
replace: nsslapd-pluginEnabled<br>
nsslapd-pluginEnabled: on<br>
-<br>
replace: memberofgroupattr<br>
memberofgroupattr: uniqueMember<br>
-<br>
replace: memberofattr<br>
memberofattr: memberOf<br>
<br>
</div>
</div>
</div>
</div>
</blockquote></span>
Hi Craig,<br>
<br>
Did you restart the server after making the above config changes?
You need to.<br>
<br>
Do you have an objectclass present in the member entry that allows
the "memberOf" attribute? Like "inetUser". <br>
<br>
Are you adding a "uniqueMember" attribute to a group(and not the
"member" attribute)?<span class=""><font color="#888888"><br>
<br>
Mark</font></span></div></blockquote></div><br></div></div></div></div></div></div>