Closed mazzahaker closed 1 year ago
Also, I've already tried to add this attrib via phpldapadmin - it was unsuccessful too. In general: can it be a tech problem, or am I doing something wrong? Thanks!
It seems it is not an issue related to the Bitnami OpenLDAP container image or Helm chart but about how the application or environment is being used/configured.
It seems a very specific use case difficult to reproduce on our side and very tied to your scenario.
For information regarding the application itself, customization of the content within the application, or questions about the use of the technology or infrastructure; we highly recommend checking forums and user guides made available by the project behind the application or the technology.
That said, we will keep this ticket open until the stale bot closes it just in case someone from the community adds some valuable info.
I got memberOf attribute working in my OpenLDAP image by adding this overlays.ldif to /schemas directory. See: https://github.com/samisalkosuo/openldap-docker.
I use groupOfUniqueNames as group objectClass.
@samisalkosuo, could you describe the steps? I've just run your image and my Apache Studio still can't add the memberOf attrib. It said that it is not allowed. My command for run is:
docker run -d -p 389:1389 -p 636:1636 --name openldap-demo kazhar/openldap-demo
Thanks!
I don't add memberOf manually. Adding it is automatic when I add user to a group. It is also removed automatically when user is removed from group.
The image here shows the memberOf attribute. Some clients do not show memberOf attribute automatically, I had to check show operational attributes and add '+' to list in LDAPAdmin client.
@samisalkosuo I don't have this entity in ADS:
Also, when I'm trying to use ldapsearch - I don't have this attrib:
# chawkins, users, sirius.com
dn: uid=chawkins,ou=users,dc=sirius,dc=com
objectClass: inetOrgPerson
cn: Cara Hawkins
givenName: Cara
sn: Hawkins
uid: chawkins
mail: chawkins@sirius.com
userPassword:: cGFzc3cwcmQ=
Maybe I should load your ldif or should do something else?
One more thing - this attrib in your instrument - hide! It can't be shared with ldapsearch :)
memberOf is an operational attribute and clients do not show them automatically. Please check to fetch operational attributes when browsing.
Ldapsearch shows operational attributes when adding '+'.
For example:
ldapsearch -D $LDAP_BIND_DN -w $LDAP_BIND_PWD -p $LDAP_PORT -h $LDAP_SERVER -b "ou=users,dc=sirius,dc=com" memberOf=cn=operations,ou=groups,dc=sirius,dc=com +
@samisalkosuo Got it! I didn't know about it. Thanks a lot. Now it works and also works for my test env. Will recreate it for stage and prod. Thanks and have a great day!
This issue is closed but the post from @samisalkosuo helped me. I was able to add the overlay in the official openldap image. I took overlay.ldif from here https://github.com/samisalkosuo/openldap-docker/blob/main/config/overlays.ldif
-v ./schemas:/schemas
I was also able to bootstrap a new schema using my own ldif. I mounted the ldif as volume -v ./ldifs:/ldifs
Notice: I have used uniqueMember instead of member.
# Camunda Group creation
dn: cn=camunda-webapps-admins,ou=Groups,dc=example,dc=org
objectClass: groupOfUniqueNames
objectClass: top
cn: camunda-webapps-admins
uniqueMember: cn=demo,ou=People,dc=example,dc=org
Full command I have used
docker run -p '1389:1389' -v ./ldifs:/ldifs -v ./schemas:/schemas --detach --name openldap bitnami/openldap:2.6.4
Thanks
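An added example, not part of the thread or of either image: since applications often authorise on memberOf, and the overlay only writes memberOf when a group is modified after the overlay is enabled, it is worth checking that the stored values agree with the groupOfUniqueNames/uniqueMember entries. This sketch audits LDIF as returned by ldapsearch with '*' and '+'; the sample entries are constructed, the function names are hypothetical, and DN normalisation is simplified.

```python
import base64

# Constructed sample of `ldapsearch ... '*' +` output: one group, two users.
SAMPLE_LDIF = """\
dn: cn=operations,ou=groups,dc=sirius,dc=com
objectClass: groupOfUniqueNames
uniqueMember: uid=chawkins,ou=users,dc=sirius,dc=com

dn: uid=chawkins,ou=users,dc=sirius,dc=com
objectClass: inetOrgPerson

dn: uid=olduser,ou=users,dc=sirius,dc=com
objectClass: inetOrgPerson
memberOf: cn=operations,ou=groups,dc=sirius,dc=com
"""

def norm_dn(dn):
    """Simplified DN normalisation: lower-case, drop spaces around commas."""
    return ",".join(part.strip() for part in dn.lower().split(","))

def parse_ldif(text):
    """Return one {attribute_lowercase: [values]} dict per LDIF entry."""
    text = text.replace("\n ", "")  # unfold continuation lines
    entries = []
    for block in text.split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if not line or line.startswith("#") or ":" not in line:
                continue
            attr, _, value = line.partition(":")
            if value.startswith(":"):  # "attr:: <base64 value>"
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            entry.setdefault(attr.lower(), []).append(value.strip())
        if "dn" in entry:
            entries.append(entry)
    return entries

def audit_memberof(text):
    """Report (user DN, group DN) pairs where memberOf and uniqueMember disagree."""
    expected, actual = set(), set()
    for e in parse_ldif(text):
        dn = norm_dn(e["dn"][0])
        if "groupofuniquenames" in (oc.lower() for oc in e.get("objectclass", [])):
            expected |= {(norm_dn(m), dn) for m in e.get("uniquemember", [])}
        actual |= {(dn, norm_dn(g)) for g in e.get("memberof", [])}
    return {"missing": sorted(expected - actual), "stale": sorted(actual - expected)}

if __name__ == "__main__":
    print(audit_memberof(SAMPLE_LDIF))
```

A "missing" pair is a group member whose entry carries no matching memberOf; a "stale" pair is a memberOf value with no group entry behind it.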
I have it working in this image which is based on bitnami/openldap and fully compatible with it.
Name and Version
bitnami/openldap:2.5.14
What architecture are you using?
amd64
What steps will reproduce the bug?
dn: ou=attributetypes, cn=microsoft, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: attributetypes

dn: m-oid=1.2.840.113556.1.4.221, ou=attributetypes, cn=microsoft, ou=schema
objectclass: metaAttributeType
objectclass: metaTop
objectclass: top
m-oid: 1.2.840.113556.1.4.221
m-name: sAMAccountName
m-equality: caseIgnoreMatch
m-syntax: 1.3.6.1.4.1.1466.115.121.1.15
m-singleValue: TRUE

dn: m-oid=1.2.840.113556.1.4.222, ou=attributetypes, cn=microsoft, ou=schema
objectclass: metaAttributeType
objectclass: metaTop
objectclass: top
m-oid: 1.2.840.113556.1.4.222
m-name: memberOf
m-equality: caseIgnoreMatch
m-syntax: 1.3.6.1.4.1.1466.115.121.1.15
m-singleValue: FALSE

dn: m-oid=1.2.840.113556.1.4.223, ou=attributetypes, cn=microsoft, ou=schema
objectclass: metaAttributeType
objectclass: metaTop
objectclass: top
m-oid: 1.2.840.113556.1.4.223
m-name: objectCategory
m-equality: caseIgnoreMatch
m-syntax: 1.3.6.1.4.1.1466.115.121.1.15
m-singleValue: TRUE

dn: ou=objectclasses, cn=microsoft, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: objectClasses

dn: m-oid=1.2.840.113556.1.5.6, ou=objectclasses, cn=microsoft, ou=schema
objectclass: metaObjectClass
objectclass: metaTop
objectclass: top
m-oid: 1.2.840.113556.1.5.6
m-name: simulatedMicrosoftSecurityPrincipal
m-supObjectClass: top
m-typeObjectClass: AUXILIARY
m-must: sAMAccountName
m-may: memberOf
m-must: objectCategory