On 07/02/2010 11:58 AM, Daniel Maher wrote:
I am trying to get system groups working on 389-ds via the addition
of
"posixGroup" as a value for a given LDAP group.
However, this error appears in the log :
[02/Jul/2010:09:43:03 +0000] - Entry
"cn=admin,ou=systemgroups,dc=domain,dc=net" -- attribute "uidNumber"
not
allowed
Hello,
After wiping out my test instance and starting from scratch, it has
become clear that the problem is related to the DNA plugin. If i do NOT
activate / configure the DNA plugin, then i can manipulate
posixGroup-related entries as expected. As soon as the plugin is
activated and configured, the error noted above occurs.
I followed (and *cough* wrote) this document exactly :
http://directory.fedoraproject.org/wiki/Howto:DNA
[root@test-dma-36 dirsrv]# /usr/lib64/mozldap/ldapsearch -h localhost -p
389 -s base -b "" "objectclass=*" | grep vendorVersion
vendorVersion: 389-Directory/1.2.5 B2010.012.2034
[root@test-dma-36 dirsrv]# cat /etc/redhat-release
CentOS release 5.4 (Final)
[root@test-dma-36 dirsrv]# uname -s -r -v -i -o
Linux 2.6.18-164.15.1.el5 #1 SMP Wed Mar 17 11:30:06 EDT 2010 x86_64
GNU/Linux
It would seem that this is either a fault in the configuration of the
plugin, or a bug with the plugin itself. Has anybody else experienced
similar behaviour ?
--
Daniel Maher <dma + 389users AT witbe DOT net>