[389-users] enabling posixGroup for a group (error : attribute "uidNumber" not allowed)
Nathan Kinder
nkinder at redhat.com
Tue Jul 6 17:04:31 UTC 2010
On 07/06/2010 09:08 AM, Daniel Maher wrote:
> On 07/06/2010 05:31 PM, Nathan Kinder wrote:
>
>
>>> http://directory.fedoraproject.org/wiki/Howto:DNA
>>>
>
>> The way you have DNA configured will cause it to try to add a
>> "uidNumber" attribute to a posixGroup entry. You should change the
>> "dnaFilter" attribute for your "cn=UID numbers" DNA config entry to be
>> "(objectClass=posixAccount)".
>>
>
> To clarify then, for the uids, instead of this :
>
> dnafilter: (|(objectclass=posixAccount)(objectclass=posixGroup))
>
> It should be this :
>
> dnafilter: (objectclass=posixAccount)
>
> ?
>
Yes, that is correct. The current setting you have causes DNA to add a
"uidNumber" attribute to newly created "posixAccount" and "posixGroup"
entries. You only want DNA to add the "uidNumber" attribute to
"posixAccount" entries.
More information about the 389-users
mailing list