osixia / docker-openldap

OpenLDAP container image 🐳🌴
MIT License

Error 32 while adding users/groups with memberOf #676

Open felixbliedung opened 7 months ago

felixbliedung commented 7 months ago

Hi, I am stuck on a problem setting up an LDAP server. I am starting ldap 1.4.0 with standard settings:

```
LDAP_ORGANISATION: example
LDAP_DOMAIN: example.org
LDAP_BASE_DN: dc=example,dc=org
```

After that I want to add groups and users from this LDIF (`ldapadd -x -W -D "cn=admin,dc=example,dc=org" -f test.ldif -Z`):

```
dn: ou=Users,dc=example,dc=org
objectClass: top
objectClass: organizationalUnit
ou: Users

dn: ou=Groups,dc=example,dc=org
objectClass: top
objectClass: organizationalUnit
ou: Groups

dn: uid=billy,ou=Users,dc=example,dc=org
uid: billy
cn: billy
sn: 1
objectClass: top
objectClass: posixAccount
objectClass: inetOrgPerson
loginShell: /bin/bash
homeDirectory: /home/billy
uidNumber: 14583102
gidNumber: 14564100
userPassword: {SSHA}e1NTSEF9Z3F1dGdrOUFjbjZiUkZGQjM1dWFPSXNCeE5xOElUc2Y=
mail: billy@example.org
gecos: Billy User
memberOf: cn=admin,ou=Groups,dc=example,dc=org

dn: uid=john,ou=Users,dc=example,dc=org
uid: john
cn: john
sn: 3
objectClass: top
objectClass: posixAccount
objectClass: inetOrgPerson
loginShell: /bin/bash
homeDirectory: /home/john
uidNumber: 14583103
gidNumber: 14564101
userPassword: 1234
mail: john@example.org
gecos: John User
memberOf: cn=admin,ou=Groups,dc=example,dc=org

dn: cn=admin,ou=Groups,dc=example,dc=org
objectClass: groupOfUniqueNames
cn: admin
description: Admin users
uniqueMember: uid=admin,dc=example,dc=org
uniqueMember: uid=john,ou=Users,dc=example,dc=org
uniqueMember: uid=billy,ou=Users,dc=example,dc=org
```

While the groups are added I am getting the following error:

```
ADD dn="cn=admin,ou=Groups,dc=example,dc=org"
memberof_value_modify DN="uid=admin,dc=example,dc=org" add memberOf="cn=admin,ou=Groups,dc=example,dc=org" failed err=32
memberof_value_modify DN="uid=john,ou=users,dc=example,dc=org" add memberOf="cn=admin,ou=Groups,dc=example,dc=org" failed err=20
memberof_value_modify DN="uid=billy,ou=users,dc=example,dc=org" add memberOf="cn=admin,ou=Groups,dc=example,dc=org" failed err=20
```

I also tried with a modified memberOf (changing groupOfUniqueNames to groupOfNames), but it is still the same problem. What can I do to get a working example with working memberOf? Is it combined with the rfc2307 schema? Thanks so much for the help.
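
Added example, not part of the original post and not the project's code: a Python pre-check for an LDIF like the one above. It reads the two codes in the log as the standard RFC 4511 result codes (32 noSuchObject, 20 attributeOrValueExists) and flags group members whose entry is not defined, or whose entry already carries the memberOf value the overlay would add; it generalizes slightly by checking `member` as well as `uniqueMember`. The names `lint`, `parse_ldif`, `norm` and `SAMPLE` are hypothetical, the sample is constructed from the issue's LDIF, and the check assumes the directory holds only what the file and the `existing` argument define.

```python
import re

NO_SUCH_OBJECT, ATTR_OR_VALUE_EXISTS = 32, 20   # RFC 4511 result codes
# Constructed sample: the issue's LDIF cut down to one user and the group.
SAMPLE = """\
dn: uid=john,ou=Users,dc=example,dc=org
objectClass: inetOrgPerson
memberOf: cn=admin,ou=Groups,dc=example,dc=org

dn: cn=admin,ou=Groups,dc=example,dc=org
objectClass: groupOfUniqueNames
cn: admin
uniqueMember: uid=admin,dc=example,dc=org
uniqueMember: uid=john,ou=Users,dc=example,dc=org
"""

def norm(dn):
    """DNs compare case-insensitively; ignore spaces around commas."""
    return re.sub(r"\s*,\s*", ",", dn.strip()).lower()

def parse_ldif(text):
    """Minimal reader: blank-line separated entries, folded lines unfolded."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        attrs = {}
        for line in block.replace("\n ", "").splitlines():
            if ":" in line and not line.startswith("#"):
                name, value = line.split(":", 1)
                attrs.setdefault(name.strip().lower(), []).append(value.lstrip(": ").strip())
        if "dn" in attrs:
            entries.append(attrs)
    return entries

def lint(text, existing=()):
    """List (code, member_dn, group_dn) for back-links the overlay cannot add."""
    entries = parse_ldif(text)
    by_dn = {norm(e["dn"][0]): e for e in entries}
    known = set(by_dn) | {norm(d) for d in existing}  # DNs assumed present
    findings = []
    for group in entries:
        gdn = group["dn"][0]
        for member in group.get("member", []) + group.get("uniquemember", []):
            if norm(member) not in known:
                findings.append((NO_SUCH_OBJECT, member, gdn))
            elif norm(gdn) in map(norm, by_dn.get(norm(member), {}).get("memberof", [])):
                findings.append((ATTR_OR_VALUE_EXISTS, member, gdn))
    return findings

if __name__ == "__main__":
    print(*lint(SAMPLE), sep="\n")
```

Pass DNs that already exist on the server through `existing` so they are not reported as missing.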

felixbliedung commented 7 months ago

Ok, the memberOf functionality is working, but now I have another question/problem. By default, the operational attribute memberOf is not delivered (in the ACLs there is an entry that everybody can read this). What else can I check to get this running? Thanks