On 05/17/2013 12:05 PM, Jonathan Vaughn wrote:
Yeah, it works fine. No restarts needed. TL;DR: the interface library
I was writing is set up to prevent you from assigning multiple values
to attributes that are SINGLE-VALUE - and I forgot that even if you
only get 1 value from ldap with PHP's functions its still an array
('count' => 1, 0 => [value]) and so I was silently throwing them away
(hadn't gotten around to putting in actual errors for these yet). :D
Totally my fault.
Ok. Thanks for the info.
On Fri, May 17, 2013 at 11:49 AM, Rich Megginson <rmeggins(a)redhat.com
<mailto:rmeggins@redhat.com>> wrote:
On 05/17/2013 10:40 AM, Jonathan Vaughn wrote:
> Oops. It looks like the results are coming back they're just
> getting partially eaten somewhere in our code.
>
> Still, weird that the GUI shows it all grayed out - that's what
> led me to believe something wasn't set right on the LDAP entry. I
> googled for a solution and found some ancient post where someone
> thought you had to restart 389ds server for it to notice the
> change (which seemed silly to me ... ),
Should not require a restart.
> hence why I came here thinking surely it can't be that... there
> must be a way! :D
>
> On Thu, May 16, 2013 at 9:36 PM, Rich Megginson
> <rmeggins(a)redhat.com <mailto:rmeggins@redhat.com>> wrote:
>
> On 05/16/2013 06:06 PM, Jonathan Vaughn wrote:
>> We're trying to create accounts (with the posixaccount
>> objectclass and so forth) via LDAP, and while we can add the
>> objectclasses and set the attributes without error, the
>> attributes for posixaccount don't show up on subsequent LDAP
>> queries. Looking at the entry via the 389 Console I see that
>> the values were set correctly but the checkbox for 'Enable
>> Posix User Attributes' is unechecked - I had thought
>> checking this merely added the relevant objectclass but
>> apparently there's some other special magic occuring.
>>
>> How can we "enable" these attributes (so that we can than
>> retrieve them via LDAP later) via LDAP ? Manually going in
>> via the console and "enabling" them via the checkbox for
>> every new account is not a "solution".
>
> Create a user in the console which you have done the 'Enable
> Posix User Attributes' - do an ldapsearch to see what that
> LDIF looks like - compare that with your script or LDIF that
> you are using to automate.
>>
>>
>> --
>> 389 users mailing list
>> 389-users(a)lists.fedoraproject.org
<mailto:389-users@lists.fedoraproject.org>
>>
https://admin.fedoraproject.org/mailman/listinfo/389-users
>
>