go-ldap / ldap

Basic LDAP v3 functionality for the GO programming language.

add user error . #486

Closed skydeadpeng closed 4 months ago

skydeadpeng commented 4 months ago
addRequest := ldap.NewAddRequest("uid=adminUser1,OU=test,OU=gongsi,dc=hlwgystpt,dc=com", nil)
addRequest.Attribute("objectClass", []string{"person", "organizationalPerson", "user", "top"})
addRequest.Attribute("uid", []string{"adminUser1"})
addRequest.Attribute("mail", []string{"adminUser1@gmail.com"})
addRequest.Attribute("member", []string{"cn=superadmin,OU=test,OU=gongsi,dc=hlwgystpt,dc=com"})
addRequest.Attribute("name", []string{"Superadmin"})
addRequest.Attribute("userPassword", []string{"adminUser1"})

LDAP Result Code 19 "Constraint Violation": 000020B5: AtrErr: DSID-03152804, #1: 0: 000020B5: DSID-03152804, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 1f (member)

t2y commented 4 months ago

@skydeadpeng According to core.schema in OpenLDAP server, the person objectClass must require two attributes: sn and cn. Why don't you add two attributes to your request?

objectclass ( 2.5.6.6 NAME 'person'
        DESC 'RFC2256: a person'
        SUP top STRUCTURAL
        MUST ( sn $ cn )
        MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )

t2y commented 4 months ago

addRequest.Attribute("member", []string{"cn=superadmin,OU=test,OU=gongsi,dc=hlwgystpt,dc=com"})
data 0, Att 1f (member)

I found an error message indicating the member attribute was wrong. How about removing the member attribute?

t2y commented 4 months ago

Or set the group attribute with member attributes.

addRequest.Attribute("objectClass", []string{"group", "top"})

cpuschma commented 4 months ago

@t2y The error message states that there's a problem with the submitted attribute member in the add request. Looking at the context of the operation, they're trying to add this newly created user to a group called superadmin, but the attribute for such an operation would be memberOf. Also, judging by the error message, this is an Active Directory, not an OpenLDAP server.

t2y commented 4 months ago

@cpuschma Exactly. I misunderstood the error message—this error message is from Active Directory. I mean that the request attributes are wrong in this case.

t2y commented 4 months ago

@skydeadpeng Use GitHub Discussions next time you have a question like this.
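
Added example, not from the thread or the go-ldap project: the replies above find the fault by reading the Active Directory diagnostic text, and this standard-library Go parser extracts the same fields so provisioning code can log which attribute the server rejected. `ADAttrError` and `ParseADAttrError` are hypothetical names, and the regular expression assumes the AtrErr layout shown in this issue.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
)

// ADAttrError holds the fields of an Active Directory "AtrErr" diagnostic.
// Hypothetical type for this example; it is not part of go-ldap.
type ADAttrError struct {
	Code        uint32 // leading hex code as printed, e.g. 0x20B5
	DSID        string // location marker, e.g. DSID-03152804
	Problem     int    // numeric problem code, e.g. 1005
	ProblemName string // symbolic name, e.g. CONSTRAINT_ATT_TYPE
	AttrID      string // hex attribute id as printed, e.g. "1f"
	AttrName    string // attribute the server rejected, e.g. "member"
}

// Layout assumed from the message quoted in this issue.
var adAttrErrRe = regexp.MustCompile(
	`([0-9A-Fa-f]{8}): AtrErr: (DSID-[0-9A-Fa-f]+), .*problem (\d+) \(([A-Z_]+)\), data -?\d+, Att ([0-9A-Fa-f]+) \(([^)]+)\)`)

// ParseADAttrError finds an AtrErr diagnostic anywhere in msg. ok is false
// when the text is not in that format (for example an OpenLDAP message),
// so callers can fall back to logging the raw string.
func ParseADAttrError(msg string) (e ADAttrError, ok bool) {
	m := adAttrErrRe.FindStringSubmatch(msg)
	if m == nil {
		return e, false
	}
	code, err := strconv.ParseUint(m[1], 16, 32)
	if err != nil {
		return e, false
	}
	problem, err := strconv.Atoi(m[3])
	if err != nil {
		return e, false
	}
	return ADAttrError{Code: uint32(code), DSID: m[2], Problem: problem,
		ProblemName: m[4], AttrID: m[5], AttrName: m[6]}, true
}

func main() {
	// Error text copied from the first comment in this issue.
	msg := `LDAP Result Code 19 "Constraint Violation": 000020B5: AtrErr: DSID-03152804, #1: 0: 000020B5: DSID-03152804, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 1f (member)`
	if e, ok := ParseADAttrError(msg); ok {
		fmt.Printf("server rejected %q: %s (problem %d, code 0x%08X)\n", e.AttrName, e.ProblemName, e.Problem, e.Code)
	}
}
```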