[Freeipa-users] Serving RFC2307 to OS X clients
Nalin Dahyabhai
nalin at redhat.com
Thu Jun 7 21:27:37 UTC 2012
On Thu, Jun 07, 2012 at 05:03:11PM -0400, Ian Levesque wrote:
> Hello,
>
> I've read that the schema compatibility plugin should provide a vanilla RFC 2307 view of groups with memberUid attributes. I need this for our OS X clients, which don't seem capable of understanding the RFC 2307bis format of member DNs.
>
> So, I enabled the plugin using `ipa-compat-manage enable` and ensured it's loaded via `ipa-compat-manage status`. I restarted the directory server.
>
> However, I don't get memberUid attributes. I've seen some docs that say "cn=compat" should be added to the default base, but that returns nothing:
>
> ldapsearch -LLL -x -h sbgrid-directory -b cn=groups,cn=accounts,cn=compat,dc=sbgrid,dc=org cn=builders
> No such object (32)
> Matched DN: dc=sbgrid,dc=org
Try using "cn=groups,cn=compat,dc=sbgrid,dc=org" as the search base. We
don't put a "cn=accounts" container under cn=compat by default.
HTH,
Nalin
More information about the Freeipa-users
mailing list