[389-users] Enable posix attributes via LDAP
Rich Megginson
rmeggins at redhat.com
Fri May 17 18:06:12 UTC 2013
On 05/17/2013 12:05 PM, Jonathan Vaughn wrote:
> Yeah, it works fine. No restarts needed. TL;DR: the interface library
> I was writing is set up to prevent you from assigning multiple values
> to attributes that are SINGLE-VALUE - and I forgot that even if you
> only get 1 value from ldap with PHP's functions its still an array
> ('count' => 1, 0 => [value]) and so I was silently throwing them away
> (hadn't gotten around to putting in actual errors for these yet). :D
> Totally my fault.
Ok. Thanks for the info.
>
> On Fri, May 17, 2013 at 11:49 AM, Rich Megginson <rmeggins at redhat.com
> <mailto:rmeggins at redhat.com>> wrote:
>
> On 05/17/2013 10:40 AM, Jonathan Vaughn wrote:
>> Oops. It looks like the results are coming back they're just
>> getting partially eaten somewhere in our code.
>>
>> Still, weird that the GUI shows it all grayed out - that's what
>> led me to believe something wasn't set right on the LDAP entry. I
>> googled for a solution and found some ancient post where someone
>> thought you had to restart 389ds server for it to notice the
>> change (which seemed silly to me ... ),
> Should not require a restart.
>
>> hence why I came here thinking surely it can't be that... there
>> must be a way! :D
>>
>> On Thu, May 16, 2013 at 9:36 PM, Rich Megginson
>> <rmeggins at redhat.com <mailto:rmeggins at redhat.com>> wrote:
>>
>> On 05/16/2013 06:06 PM, Jonathan Vaughn wrote:
>>> We're trying to create accounts (with the posixaccount
>>> objectclass and so forth) via LDAP, and while we can add the
>>> objectclasses and set the attributes without error, the
>>> attributes for posixaccount don't show up on subsequent LDAP
>>> queries. Looking at the entry via the 389 Console I see that
>>> the values were set correctly but the checkbox for 'Enable
>>> Posix User Attributes' is unechecked - I had thought
>>> checking this merely added the relevant objectclass but
>>> apparently there's some other special magic occuring.
>>>
>>> How can we "enable" these attributes (so that we can than
>>> retrieve them via LDAP later) via LDAP ? Manually going in
>>> via the console and "enabling" them via the checkbox for
>>> every new account is not a "solution".
>>
>> Create a user in the console which you have done the 'Enable
>> Posix User Attributes' - do an ldapsearch to see what that
>> LDIF looks like - compare that with your script or LDIF that
>> you are using to automate.
>>>
>>>
>>> --
>>> 389 users mailing list
>>> 389-users at lists.fedoraproject.org <mailto:389-users at lists.fedoraproject.org>
>>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20130517/642c9b61/attachment.html>
More information about the 389-users
mailing list