Nuxeo Answers
ask a question

I connected OpenLDAP to Nuxeo 5.5 but there's still one problem with the configuration. Users who belong to a dynamic group are not associated to them but are well associated to theirs static group.

Configuration files:

  • default-ldap-users-directory-bundle.xml
            <inversereference field="groups" directory="groupLdapDirectory" dualreferencefield="members"/>
  • default-ldap-groups-directory-bundle.xml
            <ldapreference field="members" directory="userLdapDirectory" staticattributeid="member" forcednconsistencycheck="false"/>    
    <ldapreference field="subGroups" directory="groupLdapDirectory" forcednconsistencycheck="true" staticattributeid="member"/> <inversereference field="parentGroups" directory="groupLdapDirectory" dualreferencefield="subGroups"/> <ldaptreereference directory="groupLdapDirectory" field="children" scope="onelevel"/> <inversereference field="parents" directory="groupLdapDirectory" dualreferencefield="children"/> </references>

Some precisions:

Dynamic or static groups contains a 'member' attribute which is a list of string.

member = [uid=idUser1,ou=users,dc=companyName,dc=com; uid=idUser2,ou=users,dc=companyName,dc=com; ...]

Users do not have 'memberOf' attribute.

Dynamic groups are 'objectClass = groupOfNames', static groups are 'objectClass = groupOfURLs'.

Thx for helps.

The field for dynamic groups for groupOfURLs generally memberURL. In the tests folder of the source code you can find an example of a configuration where both dynamic and static groups are revolved. There is also a sample groups definition to illustrate how those entries look like.

The important lines are:

    <ldapReference field="members" directory="userDirectory"
      staticAttributeId="uniqueMember" dynamicAttributeId="memberURL" />

    <ldapReference field="subGroups" directory="groupDirectory"
      staticAttributeId="uniqueMember" dynamicAttributeId="memberURL" />
answered Feb 13 '12 at 14:37 Olivier Grisel ♦ 71159 Olivier%20Grisel's gravatar image

Thx this is it!!!

(Feb 13 '12 at 16:09) Clément Lardeur
Your answer
toggle preview

Bug Report

You found a bug? Please make sure you've asked the question here before submitting a bug report.

Report a bug

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported



Asked: Feb 13 '12 at 10:55

Seen: 1,851 times

Last updated: Feb 13 '12 at 16:09