Yeah, it works fine. No restarts needed. TL;DR: the interface library I was
writing is set up to prevent you from assigning multiple values to
attributes that are SINGLE-VALUE - and I forgot that even if you only get 1
value from ldap with PHP's functions its still an array ('count' => 1, 0
=>
[value]) and so I was silently throwing them away (hadn't gotten around to
putting in actual errors for these yet). :D Totally my fault.
On Fri, May 17, 2013 at 11:49 AM, Rich Megginson <rmeggins(a)redhat.com>wrote:
On 05/17/2013 10:40 AM, Jonathan Vaughn wrote:
Oops. It looks like the results are coming back they're just getting
partially eaten somewhere in our code.
Still, weird that the GUI shows it all grayed out - that's what led me
to believe something wasn't set right on the LDAP entry. I googled for a
solution and found some ancient post where someone thought you had to
restart 389ds server for it to notice the change (which seemed silly to me
... ),
Should not require a restart.
hence why I came here thinking surely it can't be that... there must be
a way! :D
On Thu, May 16, 2013 at 9:36 PM, Rich Megginson <rmeggins(a)redhat.com>wrote:
> On 05/16/2013 06:06 PM, Jonathan Vaughn wrote:
>
> We're trying to create accounts (with the posixaccount objectclass and so
> forth) via LDAP, and while we can add the objectclasses and set the
> attributes without error, the attributes for posixaccount don't show up on
> subsequent LDAP queries. Looking at the entry via the 389 Console I see
> that the values were set correctly but the checkbox for 'Enable Posix User
> Attributes' is unechecked - I had thought checking this merely added the
> relevant objectclass but apparently there's some other special magic
> occuring.
>
> How can we "enable" these attributes (so that we can than retrieve them
> via LDAP later) via LDAP ? Manually going in via the console and
"enabling"
> them via the checkbox for every new account is not a "solution".
>
>
> Create a user in the console which you have done the 'Enable Posix User
> Attributes' - do an ldapsearch to see what that LDIF looks like - compare
> that with your script or LDIF that you are using to automate.
>
>
>
> --
> 389 users mailing
list389-users@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/389-users
>
>
>