Problem with ptloader and Novell Edirectory

From: Klaus Steinberger (no email)
Date: Tue May 06 2008 - 08:35:44 EDT

  • Next message: Wesley Craig: "Re: Problem with ptloader and Novell Edirectory"

    Hello,

    I try to setup ptloader, but run into trouble with the way Novell handles
    groups.

    Novell edirectory does the following:

    the groupMembership Attribute inside the person object is multivalued, and
    contains the full DN's of the groups. Vice versa, the group Object contains a
    multivalued Attribut "member" containing the Full DN's of the Members.

    ptloader seems to work, but returns full dn's and of course the groups are not
    working:

    [root at test-imap etc]# /usr/lib/cyrus-imapd/ptdump
    user: guinea.pig time: 1210077241 groups: 10
      group:cn=cipphysik,ou=berechtigungsgruppen,o=physik
      group:cn=mitarbeiter,ou=berechtigungsgruppen,o=physik
      group:cn=mll-ldap,ou=exportgruppen,o=physik
      group:cn=email,ou=berechtigungsgruppen,o=physik
      group:cn=campususer,ou=gruppen,o=physik
      group:cn=bl-group,ou=berechtigungsgruppen,o=physik
      group:cn=verwaltung,ou=berechtigungsgruppen,o=physik
      group:cn=test,ou=gruppen,ou=subversion,ou=anwendungen,o=physik
      group:cn=otrs,ou=otrs,ou=anwendungen,o=physik
      group:cn=webmaster-tssp,ou=otrs,ou=anwendungen,o=physik

    Here is the relevant part of imapd.conf:

    ldap_sasl: 0
    ldap_base: ou=Personen,o=physik
    ldap_filter: (uid=%u)
    ldap_group_base: ou=Gruppen,o=physik
    ldap_group_filter: (member=%D)
    ldap_uri: ldap://edir11.physik.uni-muenchen.de
    ldap_member_method: attribute
    ldap_member_attribute: groupMemberShip
    ldap_member_base: ou=Gruppen,o=physik
    ldap_tls_cacert_file: /etc/pki/tls/certs/ca-bundle.crt
    pts_module: ldap
    ptscache_timeout: 10
    ptloader_sock: /var/lib/imap/ptclient/ptsock

    Any idea what I have to change in the imapd.conf to get it working?

    Sincerly,
    Klaus 

    -- 
Klaus Steinberger         Beschleunigerlaboratorium
Phone: (+49 89)289 14287  Am Coulombwall 6, D-85748 Garching, Germany
FAX:   (+49 89)289 14280  EMail: 
URL: http://www.physik.uni-muenchen.de/~Klaus.Steinberger/




    ----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
  • Next message: Wesley Craig: "Re: Problem with ptloader and Novell Edirectory"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    		Powered By FreeBSD   Powered By FreeBSD