On Wed, 23 Mar 2005, Jayesh Kamdar wrote:
> The command line - ldapsearch -h ldapsrv1 -b "o=mitre.org"
> "(&(cn=osis_proxyauth_lg)(member=uid=jkamdar,o=mitre.org))"
> results in 0 matches. If I understand right, with this command, I am
> searching jkamdar in the group called osis_proxyauth_lg, correct? Eventhough,
> I am in that group, the search comes up empty.
This seach searches for an LDAP object with the values
cn=osis_proxyauth_lg
and
member=uid=jkamdar,o=mitre.org
Now, this assumes a number of things about your LDAP directory which may
or may not be true depending on your LDAP directory structure
Assumption 1: Your LDAP base DN is o=mitre.org
Assumption 2: Groups are named by the CN attribute
Assumption 3: The group you are interested in is named osis_proxyauth_lg
Assumption 4: The DN of your Person object is "uid=jkamdar,o=mitre.org"
Assumption 5: Groups in your LDAP directory is following the LDAP
standard method of making groups by listing the members in member
attributes carrying the DN of the user being member of the group.
You can verify each of these assumptions by the following searches
1: ldapsearch -h ldapsrv1 -s base -b o=mitre.org
2,3,5: ldapsearch -h ldapsrv1 -b o=mitre.org cn=osis_proxyauth_lg
4: ldapsearch -h ldapsrv1 -b uid=jkamdar,o=mitre.org
Regards
Henrik
Received on Wed Mar 23 2005 - 14:21:43 MST
This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:02 MST