If it still doesn't work, it's a matter of the plug-in configuration and presence. Verify your dse.ldif. You shoud have something like<br><br>dn: cn=MemberOf Plugin,cn=plugins,cn=config<br>objectClass: top<br>objectClass: nsSlapdPlugin<br>
objectClass: extensibleObject<br>cn: MemberOf Plugin<br>nsslapd-pluginPath: libmemberof-plugin<br>nsslapd-pluginInitfunc: memberof_postop_init<br>nsslapd-pluginType: postoperation<br>nsslapd-pluginEnabled: on<br>nsslapd-plugin-depends-on-type: database<br>
memberofgroupattr: uniqueMember<br>memberofattr: memberOf<br>nsslapd-pluginId: memberof<br>nsslapd-pluginVersion: 1.2.0<br>nsslapd-pluginVendor: Fedora Project<br>nsslapd-pluginDescription: memberof plugin<br><br><br>The importnant parameters are :<br>
nsslapd-pluginEnabled: on<br>memberofgroupattr: uniqueMember<br>
memberofattr: memberOf<br><br>Other than that you may have the plug-in binaries missing...<br><br><div class="gmail_quote">2009/5/25 John A. Sullivan III <span dir="ltr"><<a href="mailto:jsullivan@opensourcedevel.com">jsullivan@opensourcedevel.com</a>></span><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hmm . . . this made perfect sense and I thought it would be the end of<br>
my problems for sure. However, I added inetUser, ran fixup_memberof.pl<br>
and still see no memberOf populated attribute even if I ask for it<br>
explicitly:<br>
<br>
[root@ldap01 ~]# /usr/lib64/mozldap/ldapsearch -b "ou=Desks,o=a100,o=Internal,dc=ssiservices,dc=biz" -D "cn=Directory Manager" -w - -h ldap01 uid=jasiii<br>
Enter bind password:<br>
version: 1<br>
<div class="im">dn: uid=jasiii,ou=Desks,o=a100,o=Internal,dc=ssiservices,dc=biz<br>
</div><div class="im">objectClass: top<br>
objectClass: person<br>
objectClass: organizationalPerson<br>
objectClass: inetOrgPerson<br>
objectClass: posixAccount<br>
objectClass: account<br>
objectClass: posixgroup<br>
objectClass: shadowaccount<br>
</div>objectClass: inetuser<br>
physicalDeliveryOfficeName: Kennebunk<br>
telephoneNumber: +1 (207) xxx-xxxx<br>
mail: <a href="mailto:jsullivan@example.com">jsullivan@example.com</a><br>
sn: Sullivan III<br>
givenName: John A.<br>
loginShell: /bin/bash<br>
homeDirectory: /home/jasiii<br>
gidNumber: 100001<br>
uidNumber: 100001<br>
cn: jasiii<br>
uid: jasiii<br>
userPassword: {SSHA}p5K8zhxQYqkjCXmu617H2DtnDKDgnom3qTgQAg==<br>
shadowLastChange: 14366<br>
l: Kennebunk<br>
postalCode: 04043-XXXX<br>
postOfficeBox: PO Box XXX<br>
st: ME<br>
[root@ldap01 ~]# /usr/lib64/mozldap/ldapsearch -b "ou=Desks,o=a100,o=Internal,dc=ssiservices,dc=biz" -D "cn=Directory Manager" -w - -h ldap01 uid=jasiii memberOf<br>
Enter bind password:<br>
version: 1<br>
<div class="im">dn: uid=jasiii,ou=Desks,o=a100,o=Internal,dc=ssiservices,dc=biz<br>
<br>
</div>I then explicitly added the memberOf attribute to a user, created a<br>
bogus group and added the user to the group. Still no memberOf. What<br>
am I doing wrong? Thanks - John<br>
<div><div></div><div class="h5"><br>
<br>
On Fri, 2009-05-22 at 22:59 +0200, Andrey Ivanov wrote:<br>
><br>
><br>
> 2009/5/22 John A. Sullivan III <<a href="mailto:jsullivan@opensourcedevel.com">jsullivan@opensourcedevel.com</a>><br>
> Ah, I did not do that as I thought the filter would make the<br>
> change to<br>
> users with objectClass inetOrgPerson.<br>
> No. The filter just searches what you have in your directory<br>
><br>
><br>
> I am virtually certain the users<br>
> do not explicitly have inetUser as an object class. Are they<br>
> supposed<br>
> to?<br>
> Yes. The set of the attributes that your entry can hold is defined by<br>
> the classes listed in "objectClass". And the attribute memberOf is<br>
> part of the "inetUser" objectClass.<br>
><br>
> Is this done by default or is the need to add this object<br>
> class to<br>
> all users in order to use memberOf missing from the<br>
> documentation (or<br>
> overlooked by me!).<br>
> No. It is not done by default, you need to add the "objectClass:<br>
> inetUser" (or any other objectClass containing the memberOf attribute)<br>
> to each user entry. You can make a small perl script that does for all<br>
> your users something like<br>
><br>
> -------------<br>
> dn: uid=jasiii,ou=Desks,o=a100,o=Internal,dc=ssiservices,dc=biz<br>
> changetype: add<br>
> objectclass: inetUser<br>
> -------------<br>
><br>
><br>
> You can test it with the GUI of the console for one or two user<br>
> entries just to be sure the attribute memberOf works as you wish...<br>
><br>
><br>
><br>
><br>
> objectClass: top<br>
> objectClass: person<br>
> objectClass: organizationalPerson<br>
> objectClass: inetOrgPerson<br>
> objectClass: posixAccount<br>
> objectClass: account<br>
> objectClass: posixgroup<br>
> objectClass: shadowaccount<br>
> The origin of your problem is the absence of "objectClass: inetUser"<br>
> necessary to add memberOf attribute to the entry...<br>
><br>
><br>
><br>
> Thanks - John<br>
><br>
><br>
> On Fri, 2009-05-22 at 08:31 +0200, Andrey Ivanov wrote:<br>
> > Can you show me the result of<br>
> > /usr/lib64/mozldap/ldapsearch -b<br>
> > "ou=Desks,o=a100,o=Internal,dc=ssiservices,dc=biz" -D<br>
> "cn=Directory<br>
> > Manager" -w - -h ldap uid=jasiii objectClass<br>
> ><br>
> > It will list all the objectClasses of your entry. If<br>
> "objectClass:<br>
> > inetUser" is not present in the result of this search you<br>
> should, as i<br>
> > said in the previous message, add this objectClass to all<br>
> the entries<br>
> > you're going to manage with memberOf plug-in, smth like:<br>
> ><br>
> > dn:<br>
> uid=jasiii,ou=Desks,o=a100,o=Internal,dc=ssiservices,dc=biz<br>
> > changetype: add<br>
> > objectclass: inetUser<br>
> ><br>
> ><br>
> > Hope it helps .<br>
> ><br>
> ><br>
> ><br>
> > 2009/5/22 John A. Sullivan III<br>
> <<a href="mailto:jsullivan@opensourcedevel.com">jsullivan@opensourcedevel.com</a>><br>
> > I'm starting to feel really stupid here - still not<br>
> working.<br>
> ><br>
> > I thought the filter must be the problem for sure.<br>
> I assumed<br>
> > from the<br>
> > documentation that no filter meant the task would<br>
> add the<br>
> > attribute for<br>
> > everything that could take a memberOf attribute. I<br>
> did not<br>
> > realize it<br>
> > defaulted to inetuser. So I recreated the task with<br>
> a filter<br>
> > of<br>
> > (objectClass=inetOrgPerson) but it still did not<br>
> seem to work.<br>
> ><br>
> > I thought perhaps I was doing ldapmodify wrong<br>
> (enter the<br>
> > parameters,<br>
> > double enter, then CTL D) so I edited the<br>
> fixup-memberof.pl<br>
> > script<br>
> > according to Rich's instructions. It ran without<br>
> error (by<br>
> > the way, it<br>
> > reflects the admin password when using -w - !!!).<br>
> But still<br>
> > no success.<br>
> ><br>
> > Perhaps I am checking incorrectly. I did not expect<br>
> to see<br>
> > memberOf<br>
> > listed as an attribute in the advanced console<br>
> screen for the<br>
> > user since<br>
> > it is a managed attribute. But I did try to view it<br>
> with an<br>
> > ldapsearch:<br>
> > It should be visible as an attribute you can add (provided<br>
> your entry<br>
> > has "objectClass: inetUser")<br>
> ><br>
> ><br>
> ><br>
> ><br>
> > /usr/lib64/mozldap/ldapsearch -b<br>
> ><br>
> > "ou=Desks,o=a100,o=Internal,dc=ssiservices,dc=biz"<br>
> -D<br>
> > "cn=Directory<br>
> > Manager" -w - -h ldap uid=jasiii memberOf<br>
> ><br>
> > Is this how I would check for success?<br>
> ><br>
> > There is nothing suspicious in the error log. I do<br>
> have the<br>
> > audit log<br>
> > enabled. I see the creation and automatic deletion<br>
> of the<br>
> > task but I do<br>
> > not see any changes to objects to add and populate<br>
> the<br>
> > memberOf<br>
> > attribute. I'll paste in some excerpts below.<br>
> ><br>
> > What next? Thanks - John<br>
> ><br>
> > time: 20090520221132<br>
> > dn: cn=fixMemberOf,cn=memberof<br>
> task,cn=tasks,cn=config<br>
> > changetype: add<br>
> ><br>
> > objectClass: top<br>
> > objectClass: extensibleObject<br>
> > cn: fixMemberOf<br>
> > basedn: o=Internal,dc=ssiservices,dc=biz<br>
> ><br>
> > creatorsName: cn=xxxx<br>
> > modifiersName: cn=xxx<br>
> > createTimestamp: 20090521021132Z<br>
> > modifyTimestamp: 20090521021132Z<br>
> ><br>
> > time: 20090520221333<br>
> > dn: cn=fixmemberof,cn=memberof<br>
> task,cn=tasks,cn=config<br>
> > changetype: delete<br>
> > modifiersname: cn=server,cn=plugins,cn=config<br>
> ><br>
> > time: 20090520222242<br>
> > dn: cn=fixMemberOf,cn=memberof<br>
> task,cn=tasks,cn=config<br>
> > changetype: add<br>
> ><br>
> > objectClass: top<br>
> > objectClass: extensibleObject<br>
> > cn: fixMemberOf<br>
> > basedn:<br>
> ou=Desks,o=a100,o=Internal,dc=ssiservices,dc=biz<br>
> > creatorsName: cn=xxxx<br>
> > modifiersName: cn=xxxx<br>
> > createTimestamp: 20090521022242Z<br>
> > modifyTimestamp: 20090521022242Z<br>
> ><br>
> > time: 20090520222442<br>
> > dn: cn=fixmemberof,cn=memberof<br>
> task,cn=tasks,cn=config<br>
> > changetype: delete<br>
> > modifiersname: cn=server,cn=plugins,cn=config<br>
> ><br>
> > .<br>
> > .<br>
> > .<br>
> > time: 20090521183523<br>
> > dn: cn=memberOf_fixup_2009_5_21_18_35_23,<br>
> cn=memberOf task,<br>
> > cn=tasks,<br>
> > cn=config<br>
> > changetype: add<br>
> > objectClass: top<br>
> > objectClass: extensibleObject<br>
> > cn: memberOf_fixup_2009_5_21_18_35_23<br>
> > basedn: o=Internal,dc=ssiservices,dc=biz<br>
> ><br>
> > filter: (objectClass=inetOrgPerson)<br>
> > creatorsName: cn=xxxx<br>
> > modifiersName: cn=xxxx<br>
> > createTimestamp: 20090521223523Z<br>
> > modifyTimestamp: 20090521223523Z<br>
> ><br>
> > time: 20090521183724<br>
> > dn: cn=memberof_fixup_2009_5_21_18_35_23,cn=memberof<br>
> > task,cn=tasks,cn=config<br>
> ><br>
> > changetype: delete<br>
> > modifiersname: cn=server,cn=plugins,cn=config<br>
> ><br>
> > time: 20090521185804<br>
> > dn:<br>
> ><br>
> cn=general,ou=1.1,ou=console,ou=cn=xxxxx,ou=userpreferences,ou=<a href="http://ssiservices.biz" target="_blank">ssiservices.biz</a>,o=netscaperoot<br>
> > changetype: modify<br>
> > replace: nsPreference<br>
> > nsPreference::<br>
> ><br>
> IwojVGh1IE1heSAyMSAxODo1ODowNSBFRFQgMjAwOQpXaWR0aD0xMjgwClNob3<br>
> ><br>
> ><br>
> dTdGF0dXNCYXI9dHJ1ZQpTaG93QmFubmVyQmFyPXRydWUKWT0wCkhlaWdodD03NjkKWD0wCg==<br>
> > -<br>
> > replace: modifiersname<br>
> > modifiersname: cn=xxxxx<br>
> > -<br>
> > replace: modifytimestamp<br>
> > modifytimestamp: 20090521225804Z<br>
> > -<br>
> ><br>
> ><br>
> > On Thu, 2009-05-21 at 15:59 +0200, Andrey Ivanov<br>
> wrote:<br>
> > ><br>
> > ><br>
> > > 2009/5/21 John A. Sullivan III<br>
> > <<a href="mailto:jsullivan@opensourcedevel.com">jsullivan@opensourcedevel.com</a>><br>
> > > Thank you, Andrey. I did do an updatedb<br>
> and then<br>
> > locate - no<br>
> > > fixup-member0f.pl - just<br>
> > <a href="http://template.fixup-memberOf.pl" target="_blank">template.fixup-memberOf.pl</a> :-(<br>
> > > It is very strange. Normally during the server<br>
> installation<br>
> > the<br>
> > > template should be converted to the "normal" perl<br>
> script.<br>
> > ><br>
> > > Have you verified the configuration of the<br>
> memberOf plugin,<br>
> > especially<br>
> > > the arguments/attributes "memberofgroupattr" and<br>
> > "memberofattr" ?<br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > > Unless I'm missing something, you're<br>
> ldapmodify<br>
> > looks just<br>
> > > like mine<br>
> > > except for the cn (I believe the<br>
> documentation says<br>
> > it can be<br>
> > > called<br>
> > > anything) and I did not use a filter<br>
> (again, I<br>
> > believe the<br>
> > > documentation<br>
> > > says it is optional and our dit is still<br>
> rather<br>
> > small).<br>
> > > If you do not put the filter into the ldif then<br>
> the default<br>
> > filter is<br>
> > > used : "(objectClass=inetuser)". Do all your user<br>
> entries<br>
> > include this<br>
> > > objectClass (inetuser)? If not, you should add<br>
> this<br>
> > objectClass to all<br>
> > > the entries where you want the memberOf attribute<br>
> to appear.<br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > > I did create a new group and add myself to<br>
> it as you<br>
> > suggested<br>
> > > (thank<br>
> > > you). Surprisingly, it did not appear to<br>
> work. I<br>
> > did not see<br>
> > > a<br>
> > > memberOf attribute populated for me. I<br>
> then thought<br>
> > I would<br>
> > > see if I<br>
> > > need to manually add that attribute to<br>
> each user (I<br>
> > hope not!)<br>
> > > and I did<br>
> > > not see memberOf as an attribute I could<br>
> add to my<br>
> > user<br>
> > > object.<br>
> > ><br>
> > > No. You should not add it manually, the memberOf<br>
> attribute<br>
> > is<br>
> > > maintained automatically based on the group<br>
> membership.<br>
> > ><br>
> > > Do you see any message in error log? There should<br>
> be<br>
> > something about<br>
> > > the impossibility to write the memberof attribute<br>
> i think.<br>
> > > If you cannot add this attribute manually to your<br>
> entry it<br>
> > means that<br>
> > > your entry does not containe "objectClass:<br>
> inetuser". Add<br>
> > this<br>
> > > objectClass to all the entries that should be<br>
> "managed" by<br>
> > the plug-in<br>
> > > to allow the attribute memberOf to be written to<br>
> that<br>
> > entries.<br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > > I have verified that the plugin is defined<br>
> in<br>
> > dse.ldif and it<br>
> > > is<br>
> > > enabled. I also see memberOf defined in<br>
> > 20subscriber.ldif and<br>
> > > did not<br>
> > > see anything in the documentation about<br>
> needing to<br>
> > extend the<br>
> > > schema.<br>
> > > No, you don't need to extend the schema but you<br>
> need to make<br>
> > sure that<br>
> > > your entries include the objectClass "inetuser":<br>
> > ><br>
> > > objectClasses: ( 2.16.840.1.113730.3.2.130 NAME<br>
> 'inetUser'<br>
> > DESC<br>
> > > 'Auxiliary class which must be present in an entry<br>
> for<br>
> > delivery of<br>
> > > subscriber services' SUP top AUXILIARY MAY ( uid $<br>
> > inetUserStatus $<br>
> > > inetUserHTTPURL $ userPassword $ memberOf )<br>
> X-ORIGIN<br>
> > 'Netscape<br>
> > > subscriber interoperability' )<br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > > So, at this point, I am still at a loss<br>
> for what I<br>
> > did wrong.<br>
> > > What do I<br>
> > > check next? Thanks - John<br>
> > > Try to add the "objectClass: inetuser" to the<br>
> entries<br>
> > concerned and<br>
> > > take a closer look to the "errors" log file.<br>
> > ><br>
> > > @+<br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > > On Thu, 2009-05-21 at 12:59 +0200, Andrey<br>
> Ivanov<br>
> > wrote:<br>
> > > > Hi,<br>
> > > ><br>
> > > > there are two things to be verified<br>
> and/or taken<br>
> > into<br>
> > > account:<br>
> > > > * the pair of the attributes that is<br>
> maintained<br>
> > (the<br>
> > > arguments<br>
> > > > "memberofgroupattr" and "memberofattr"<br>
> of the<br>
> > plug-in)<br>
> > > > * presence of these two attributes in<br>
> the classes<br>
> > of your<br>
> > > users and<br>
> > > > groups<br>
> > > ><br>
> > > > To find fixup-memberof.pl try "locate<br>
> > fixup-memberof.pl".<br>
> > > ><br>
> > > > To launch it manually you need to add<br>
> something<br>
> > like that<br>
> > > to the<br>
> > > > server (with ldapmodify) :<br>
> > > > dn:<br>
> cn=memberOf_fixup_2009_5_21_12_39_21,<br>
> > cn=memberOf task,<br>
> > > cn=tasks,<br>
> > > > cn=config<br>
> > > > changetype: add<br>
> > > > objectclass: top<br>
> > > > objectclass: extensibleObject<br>
> > > > cn: memberOf_fixup_2009_5_21_12_39_21<br>
> > > > basedn: dc=example,dc=com<br>
> > > > filter: (objectClass=inetOrgPerson)<br>
> > > ><br>
> > > ><br>
> > > > As for your account, you may remove/add<br>
> yourself<br>
> > from a<br>
> > > group to see<br>
> > > > if it changes the memberof attribute.<br>
> Verify the<br>
> > objectClass<br>
> > > of your<br>
> > > > entry and make sure the attribute<br>
> memberOf is an<br>
> > optional<br>
> > > attribute of<br>
> > > > at least one of these objectClasses...<br>
> > > ><br>
> > > ><br>
> > > ><br>
> > > > 2009/5/21 John A. Sullivan III<br>
> > > <<a href="mailto:jsullivan@opensourcedevel.com">jsullivan@opensourcedevel.com</a>><br>
> > > > Hello, all. We are in the<br>
> process of<br>
> > upgrading from<br>
> > > 8.0 to<br>
> > > > 8.1. We've<br>
> > > > hit a few glitches along the way<br>
> but most<br>
> > has gone<br>
> > > well.<br>
> > > > However, we<br>
> > > > wanted to implement the new<br>
> memberOf<br>
> > functionality.<br>
> > > We<br>
> > > > successfully<br>
> > > > added the plugin by editing<br>
> dse.ldif and<br>
> > enabled it<br>
> > > from the<br>
> > > > console.<br>
> > > > However, we've been unsuccessful<br>
> in having<br>
> > existing<br>
> > > group<br>
> > > > membership<br>
> > > > assigned to the memberOf<br>
> attribute.<br>
> > > ><br>
> > > > We first tried to run<br>
> fixup-memberOf.pl<br>
> > but the<br>
> > > script does<br>
> > > > not exist.<br>
> > > > There is a<br>
> <a href="http://template.fixup-memberOf.pl" target="_blank">template.fixup-memberOf.pl</a> but<br>
> > this does<br>
> > > not seem<br>
> > > > to have<br>
> > > > been built into a final script.<br>
> > > ><br>
> > > > We then thought we would use the<br>
> new task<br>
> > feature of<br>
> > > the<br>
> > > > console. We<br>
> > > > went to cn=memberof<br>
> > task,cn=tasks,cn=config and<br>
> > > tried to<br>
> > > > create the task<br>
> > > > object. There was no<br>
> > nsDirectoryServerTask<br>
> > > objectclass. We<br>
> > > > added an<br>
> > > > nstask but then found there was<br>
> no basedn<br>
> > attribute<br>
> > > we could<br>
> > > > add. We<br>
> > > > then created an extensibleobject<br>
> instead<br>
> > but still<br>
> > > not basedn<br>
> > > > attribute.<br>
> > > ><br>
> > > > Finally, we resorted to<br>
> ldapmodify (we<br>
> > hesitated<br>
> > > just because<br>
> > > > we are not<br>
> > > > very familiar with the command<br>
> line<br>
> > tools). First,<br>
> > > we did:<br>
> > > ><br>
> > > > dn: cn=fixMemberOf,cn=memberof<br>
> > > task,cn=tasks,cn=config<br>
> > > > changetype: add<br>
> > > > objectclass: top<br>
> > > > objectclass: extensibleObject<br>
> > > > cn: fixMemberOf<br>
> > > > basedn:<br>
> o=Internal,dc=ssiservices,dc=biz<br>
> > > ><br>
> > > > The Internal Organization has<br>
> several<br>
> > organizations<br>
> > > under it<br>
> > > > (for<br>
> > > > various clients) and then user<br>
> > organizational units<br>
> > > under<br>
> > > > those<br>
> > > > organizations. Although it<br>
> generated no<br>
> > errors, it<br>
> > > did not<br>
> > > > seem to<br>
> > > > work. Perhaps I just don't know<br>
> how to<br>
> > test it.<br>
> > > However, the<br>
> > > > following<br>
> > > > did not return an memberOf data:<br>
> > > ><br>
> > > > /usr/lib64/mozldap/ldapsearch -b<br>
> > > ><br>
> > ><br>
> ><br>
> "ou=Users,o=client1,o=Internal,dc=ssiservices,dc=biz" -D<br>
> > > > "cn=Directory<br>
> > > > Manager" -w - -h ldap uid=myid<br>
> memberOf<br>
> > > ><br>
> > > ><br>
> Doing /usr/lib64/mozldap/ldapsearch -b<br>
> > > ><br>
> > ><br>
> ><br>
> "ou=Users,o=client1,o=Internal,dc=ssiservices,dc=biz" -D<br>
> > > > "cn=Directory<br>
> > > > Manager" -w - -h ldap uid=myid<br>
> > > > showed me plenty of attributes<br>
> but nothing<br>
> > for<br>
> > > memberOf<br>
> > > ><br>
> > > > I also tried creating the task<br>
> with a<br>
> > basedn of<br>
> > > ><br>
> > ou=Users,o=client1,o=Internal,dc=ssiservices,dc=biz<br>
> > > in case it<br>
> > > > did not<br>
> > > > change objects lower in the<br>
> tree. Still<br>
> > no success.<br>
> > > ><br>
> > > > Finally I tried:<br>
> > > ><br>
> > > > dn: cn=fixMemberOf,cn=memberof<br>
> > > task,cn=tasks,cn=config<br>
> > > > changetype: add<br>
> > > > objectclass: top<br>
> > > > objectclass:<br>
> nsDirectoryServerTask<br>
> > > > cn: fixMemberOf<br>
> > > > basedn:<br>
> o=Internal,dc=ssiservices,dc=biz<br>
> > > ><br>
> > > > adding new entry<br>
> > cn=fixMemberOf,cn=memberof<br>
> > > > task,cn=tasks,cn=config<br>
> > > > ldap_add: Object class violation<br>
> > > > ldap_add: additional info:<br>
> unknown object<br>
> > class<br>
> > > > "nsDirectoryServerTask"<br>
> > > ><br>
> > > > And received the expected<br>
> unknown object<br>
> > class<br>
> > > error.<br>
> > > ><br>
> > > > What are we doing wrong? Are<br>
> these<br>
> > documentation<br>
> > > bugs? Are<br>
> > > > there<br>
> > > > application bugs or do we simply<br>
> not know<br>
> > what we<br>
> > > are doing<br>
> > > > with tasks<br>
> > > > and memberOf? How do we get the<br>
> memberOf<br>
> > information<br>
> > > into our<br>
> > > > existing<br>
> > > > user objects? Thanks - John<br>
> > > ><br>
> > > ><br>
> > > > --<br>
> > > > John A. Sullivan III<br>
> > > > Open Source Development<br>
> Corporation<br>
> > > > +1 207-985-7880<br>
> > > > <a href="mailto:jsullivan@opensourcedevel.com">jsullivan@opensourcedevel.com</a><br>
> > > ><br>
> > > > <a href="http://www.spiritualoutreach.com" target="_blank">http://www.spiritualoutreach.com</a><br>
> > > > Making Christianity intelligible<br>
> to<br>
> > secular society<br>
> > > ><br>
> > > > --<br>
> > > > Fedora-directory-users mailing<br>
> list<br>
> > > ><br>
> <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>
> > > ><br>
> > ><br>
> ><br>
> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
> > > ><br>
> > > > --<br>
> > > > Fedora-directory-users mailing list<br>
> > > > <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>
> > > ><br>
> > ><br>
> ><br>
> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
> > ><br>
> > > --<br>
> > ><br>
> > > John A. Sullivan III<br>
> > > Open Source Development Corporation<br>
> > > +1 207-985-7880<br>
> > > <a href="mailto:jsullivan@opensourcedevel.com">jsullivan@opensourcedevel.com</a><br>
> > ><br>
> > > <a href="http://www.spiritualoutreach.com" target="_blank">http://www.spiritualoutreach.com</a><br>
> > > Making Christianity intelligible to<br>
> secular society<br>
> > ><br>
> > > --<br>
> > > Fedora-directory-users mailing list<br>
> > > <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>
> > ><br>
> ><br>
> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
> > ><br>
> > ><br>
> > > --<br>
> > > Fedora-directory-users mailing list<br>
> > > <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>
> > ><br>
> ><br>
> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
> > --<br>
> > John A. Sullivan III<br>
> > Open Source Development Corporation<br>
> > +1 207-985-7880<br>
> > <a href="mailto:jsullivan@opensourcedevel.com">jsullivan@opensourcedevel.com</a><br>
> ><br>
> > <a href="http://www.spiritualoutreach.com" target="_blank">http://www.spiritualoutreach.com</a><br>
> > Making Christianity intelligible to secular society<br>
> ><br>
> > --<br>
> > Fedora-directory-users mailing list<br>
> > <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>
> ><br>
> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
> ><br>
> ><br>
> > --<br>
> > Fedora-directory-users mailing list<br>
> > <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>
> ><br>
> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
> --<br>
> John A. Sullivan III<br>
> Open Source Development Corporation<br>
> +1 207-985-7880<br>
> <a href="mailto:jsullivan@opensourcedevel.com">jsullivan@opensourcedevel.com</a><br>
><br>
> <a href="http://www.spiritualoutreach.com" target="_blank">http://www.spiritualoutreach.com</a><br>
> Making Christianity intelligible to secular society<br>
><br>
> --<br>
> Fedora-directory-users mailing list<br>
> <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>
> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
><br>
><br>
> --<br>
> Fedora-directory-users mailing list<br>
> <a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>
> <a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
--<br>
John A. Sullivan III<br>
Open Source Development Corporation<br>
+1 207-985-7880<br>
<a href="mailto:jsullivan@opensourcedevel.com">jsullivan@opensourcedevel.com</a><br>
<br>
<a href="http://www.spiritualoutreach.com" target="_blank">http://www.spiritualoutreach.com</a><br>
Making Christianity intelligible to secular society<br>
<br>
--<br>
Fedora-directory-users mailing list<br>
<a href="mailto:Fedora-directory-users@redhat.com">Fedora-directory-users@redhat.com</a><br>
<a href="https://www.redhat.com/mailman/listinfo/fedora-directory-users" target="_blank">https://www.redhat.com/mailman/listinfo/fedora-directory-users</a><br>
</div></div></blockquote></div><br>