Bonjour All,
I have been fiddling with PDM, and I want to sync it to our LDAP servers.
Now here's a fun one : those things are running an OLD ldap tree imported over generations of VMs, meaning we can't use memberOf.
I can get my list of users with ldap-search like this :
dn: cn=proxmox,ou=groups,dc=organisation,ou=staff,dc=mycompany,dc=com
which returns a list of memberUid.
Issue is : Proxmox only uses the first one of the group, as I feel its interpreting the result as a key value couple, where the value is all of the memberUid
Ironically, I've got two proxmox CNs in this ldap, and so if I request the proxmox CN on my DN, I get the first members of both groups. As such a workaround would be to create as many groups as we need members in the proxmox group.
Is this stupid? Yes. Does it work? Also yes.
Still, I'd be interested in your advice on this (no, adding the memberOf feature to the ldap ain't doable, at least not short term).
Cheers all,
Taledo
I have been fiddling with PDM, and I want to sync it to our LDAP servers.
Now here's a fun one : those things are running an OLD ldap tree imported over generations of VMs, meaning we can't use memberOf.
I can get my list of users with ldap-search like this :
dn: cn=proxmox,ou=groups,dc=organisation,ou=staff,dc=mycompany,dc=com
which returns a list of memberUid.
Issue is : Proxmox only uses the first one of the group, as I feel its interpreting the result as a key value couple, where the value is all of the memberUid
Ironically, I've got two proxmox CNs in this ldap, and so if I request the proxmox CN on my DN, I get the first members of both groups. As such a workaround would be to create as many groups as we need members in the proxmox group.
Is this stupid? Yes. Does it work? Also yes.
Still, I'd be interested in your advice on this (no, adding the memberOf feature to the ldap ain't doable, at least not short term).
Cheers all,
Taledo