dkoudela / active-directory-to-openldap

An attempt to provide tools and LDIF schemas for conversion of Active Directory structures to OpenLdap.
Apache License 2.0

microsoftobjectclass.schema incomplete #10

Open AdrianVollmer opened 7 months ago

AdrianVollmer commented 7 months ago

I was wondering what the source of microsoftobjectclass.schema is.

I admit my LDAP skills are quite limited, but it appears that it is incomplete as it does not contain all attributes. For instance, gPLink is defined here: https://github.com/dkoudela/active-directory-to-openldap/blob/4aa4a74ea8ec05e62eb70065ffb22bb48ace1116/schema/microsoftattributetype.schema#L4920, but it is missing here: https://github.com/dkoudela/active-directory-to-openldap/blob/4aa4a74ea8ec05e62eb70065ffb22bb48ace1116/schema/microsoftobjectclass.schema#L45.

Am I misunderstanding something or should the second location not contain a lot more attributes? If Microsoft decides to add more attributes, where could I get a definitive list?

stevenlafl commented 7 months ago

Have you tried adding `$ gPLink` to the MAY clause in that location under microsoftobjectclass.schema?

AdrianVollmer commented 7 months ago

Yes, that works. I have to add dozens of attributes though. I just need to know if that has been an oversight or if I'm doing something wrong. And if there is a reliable source I'd prefer to use that instead of fixing it manually, but if not, I'll do just that.
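As an added example (not code from this repository), a small Python check for exactly the gap described in this thread: it parses `attributetype` and `objectclass` definitions in OpenLDAP schema syntax, lists the attribute types that no objectclass references in a MUST or MAY clause, and applies the `$ attr` MAY-clause fix suggested above. The two schema snippets are constructed stand-ins; in practice the real schema files would be read from disk.

```python
import re

# Constructed sample schemas, not the project's real files (OIDs illustrative):
# gPLink is defined as an attributetype but no objectclass below lists it.
ATTR_SCHEMA = """
attributetype ( 1.2.840.113556.1.4.891 NAME 'gPLink' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
attributetype ( 1.2.840.113556.1.4.894 NAME 'gPCFileSysPath' SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' )
attributetype ( 1.2.840.113556.1.4.893 NAME 'gPOptions' SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' )
"""
CLASS_SCHEMA = """
objectclass ( 1.2.840.113556.1.5.157 NAME 'groupPolicyContainer'
    SUP top STRUCTURAL MAY ( gPCFileSysPath $ gPOptions ) )
objectclass ( 1.2.840.113556.1.5.67 NAME 'domainDNS'
    SUP top STRUCTURAL MUST ( dc ) MAY ( gPOptions ) )
"""

def definitions(text, keyword):
    """Yield the paren-balanced body of every `keyword ( ... )` entry (input assumed well-formed)."""
    for m in re.finditer(r'(?mi)^\s*%s\s*\(' % keyword, text):
        depth, i = 1, m.end()
        while depth:  # walk forward to the matching closing paren
            depth += {'(': 1, ')': -1}.get(text[i], 0)
            i += 1
        yield text[m.end():i - 1]

def names(body):
    """NAME 'x' or NAME ( 'x' 'y' ) -> ['x', 'y']."""
    m = re.search(r"NAME\s*(?:'[^']+'|\([^)]*\))", body)
    return re.findall(r"'([^']+)'", m.group(0)) if m else []

def attr_refs(body):
    """Attribute names listed in the MUST and MAY clauses of one objectclass body."""
    refs = set()
    for m in re.finditer(r'\b(?:MUST|MAY)\s*(?:\(([^)]*)\)|(\S+))', body):
        refs.update(a.strip(' )') for a in (m.group(1) or m.group(2) or '').split('$'))
    return refs - {''}

def unreferenced_attributes(attr_text, class_text):
    """Defined attribute types that appear in no MUST/MAY list (names compared case-insensitively)."""
    defined = {n.lower(): n for b in definitions(attr_text, 'attributetype') for n in names(b)}
    used = {r.lower() for b in definitions(class_text, 'objectclass') for r in attr_refs(b)}
    return sorted(defined[k] for k in defined if k not in used)

def add_to_may(class_text, class_name, attr):
    """Append `$ attr` to the MAY list of class_name, i.e. the fix proposed in this thread."""
    for body in definitions(class_text, 'objectclass'):
        if class_name.lower() in (n.lower() for n in names(body)):
            fixed = re.sub(r'(MAY\s*\([^)]*?)\s*\)', r'\1 $ %s )' % attr, body, count=1)
            return class_text.replace(body, fixed, 1)
    return class_text  # class not found: schema text returned unchanged
```

Running `unreferenced_attributes` against the real microsoftattributetype.schema and microsoftobjectclass.schema gives the list of attributes the objectclass file never mentions, which is a quick way to size the gap before deciding between manual fixes and a better upstream source.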

stevenlafl commented 7 months ago

Anything you find there is likely missing for others, or would be in setups like yours. If you are modifying those files, can you contribute those types of changes back into a PR? Since they're just alterations, I think referencing this issue would help future folks. Unfortunately the repository owner appears to be... absent.

On Tue, Apr 16, 2024 at 1:31 PM Adrian Vollmer wrote:

AdrianVollmer commented 7 months ago

Sure, if I end up with something useful, I'll create a PR. My use case might be a bit special though, since I'm only interested in read-only access, so I don't care if the schema is 100% correct as long as it is "good enough". Also, I don't work with LDAP schemas a lot, so I'm not entirely sure that I know what I'm doing. But I'm happy to publish a fork either way.

And if I could get the schema somewhere from Microsoft I think I could save a lot of time and work while getting a better result.