You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-dev@portals.apache.org by Eivinn Hustveit <ei...@fortiden.com> on 2006/03/09 15:02:29 UTC

Re: Jetspeed LDAP (error)

Thanks Raphaël and Marky!

This almost worked... I tried to remove cn from MUST in core.schema  
as well :

objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames'
         DESC 'RFC2256: a group of unique names (DN and Unique  
Identifier)'
         SUP top STRUCTURAL
         MAY ( uniqueMember $ businessCategory $ cn $ seeAlso $ owner  
$ ou $ o $ description ) )

A group is then inserted into the LDAP directory (verified in  
JXplorer). The problem now is that while Jetspeed list the group (ex:  
ldap_admin_group), which I just created, it keep telling me that "The  
group ldap_admin_group does not exist." when I try to add a user to  
the group.

I also tried to add the group-name to the cn-field as indicated from  
the original schema file, but that does not help. After the change to  
groupOfUniqueNames I end up with 3x objectClass and 1x uid as the  
only required attribute of the groups element in OpenLDAP.

I would like to try out Jetspeed 2.1-Dev to see if that version is  
compatible but I keep running into trouble when trying to run  
(jetspeed.version=2.0 in build.properties):
maven -DartifactId=maven-jetspeed2-plugin - 
DgroupId=org.apache.portals.jetspeed-2 -Dversion=2.0 plugin:download,
where the build cannot continue because of the unsatisfied dependency  
jetspeed-webapp-logging-2.0.jar. If I try to use jetspeed.version=2.1- 
Dev it fails on all org.apache.portals.jetspeed-2 downloads because  
it cannot find any 2.1-Dev versions.

At this point I'm uncertain how to approach the situation as I cannot  
get any further with my current class-files nor can I build the 2.1- 
Dev branch at this point.

As always any pointers would be appreciated.

Sincerely

Eivinn Hustveit
System Manager
http://www.mobiletech.no

On 09/03/2006, at 2:01 PM, Raphaël Luta wrote:

>>
>
> The above error messages indicates that your LDAP server always wants
> at least one member in a group. You've tried to create and empty group
> hence the message. In believe the jetspeed-2-group objectclass  
> inherits
> this definition from the core groupOfUniqueNames objectclass so you  
> have
> 2 solutions:
> - either follow the schema and always have at least 1 member in a  
> given
> group
> - modify the core OpenLDAP schema and change the groupOfUniqueNames
> definition in your core.schema to:
>
> objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames'
>         DESC 'RFC2256: a group of unique names (DN and Unique  
> Identifier)'
>         SUP top STRUCTURAL
>         MUST ( cn )
>         MAY ( uniqueMember $ businessCategory $ seeAlso $ owner $  
> ou $ o $
> description ) )
>
> (ie move the uniqueMember attribute from MUST to MAY)
>
> After restarting your LDAP server, everything should work.
>
> -- 
> Raphaël Luta - raphael@apache.org
> Apache Portals - Enterprise Portal in Java
> http://portals.apache.org/
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
>

Re: Jetspeed LDAP (error)

Posted by Raphaël Luta <ra...@apache.org>.

Eivinn Hustveit wrote:
> Thanks Raphaël and Marky!
> 
> This almost worked... I tried to remove cn from MUST in core.schema  as
> well :
> 
> objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames'
>         DESC 'RFC2256: a group of unique names (DN and Unique  Identifier)'
>         SUP top STRUCTURAL
>         MAY ( uniqueMember $ businessCategory $ cn $ seeAlso $ owner  $
> ou $ o $ description ) )
> 
> A group is then inserted into the LDAP directory (verified in 
> JXplorer). The problem now is that while Jetspeed list the group (ex: 
> ldap_admin_group), which I just created, it keep telling me that "The 
> group ldap_admin_group does not exist." when I try to add a user to  the
> group.
> 

If the group are keyed to uid in the DN, ie uid=mygroup, ou=groups. You need
to make sure the group objectClass will allow the uid attribute for this group.

You need to add uid in the MAY section of the group objectclass definition.

-- 
Raphaël Luta - raphael@apache.org
Apache Portals - Enterprise Portal in Java
http://portals.apache.org/

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org