How to:
It’s possible to create a new group in the LDAP and use the ObjectClass: groupOfNames.
Hint
The ObjectClass: groupOfNames is not supported in UCS, because the default structural object class chain is posix-Group.
Step 1: Create the ldif to create the group.
The create_group.ldif is structured as follows:
dn: cn=admins,cn=groups,dc=univention,dc=intranet
objectClass: top
objectClass: groupOfNames
cn: admins
member: cn=max.muster,cn=users,dc=univention,dc=intranet
member: cn=marie.muster,cn=Users,dc=univention,dc=intranet
description: Administrator Group
Step 2: Create the group directly in LDAP.
Then create the group with the following command with the ldif.
ldapadd -x -D cn=admin,$(ucr get ldap/base) -y /etc/ldap.secret -f create_group.ldif
Step 3: Output from the successfully created group.
The output of the new group in the LDAP.
univention-ldapsearch cn=admins
# extended LDIF
#
# LDAPv3
# base <dc=miro,dc=intranet> (default) with scope subtree
# filter: cn=admins
# requesting: ALL
#
# admins, groups, miro.intranet
dn: cn=admins,cn=groups,dc=univention,dc=intranet
objectClass: top
objectClass: groupOfNames
cn: admins
member: cn=max.muster,cn=users,dc=univention,dc=intranet
member: cn=marie.muster,cn=users,dc=univention,dc=intranet
description: Administrator Group