QA: groupOfNames - Is this supported from UCS?

Knowledge Base Community
, , , , ,
#1

Question

Is groupOfNames supported by UCS?

Answer

No, UCS don’t support groupOfNames, because the default RFC from UCS is 2256.
The default objectClass in UCS is posixGroup

443 objectclass ( 2.5.6.9 NAME 'groupOfNames'
444     DESC 'RFC2256: a group of names (DNs)'
445     SUP top STRUCTURAL
446     MUST ( member $ cn )
447     MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )

In UCS, posixGroup is used by default and it’s not possible to mix these with other structural object class chain.
As an example the output from posix-Group:

dn: cn=admins_posix,ou=groups,dc=example,dc=com
objectClass: top
objectClass: posixGroup
cn: admins_posix
gidNumber: 5001
memberUid: user1
memberUid: user2

Here the output from an groupOfNames:

dn: cn=admins_ldap,ou=groups,dc=example,dc=com
objectClass: top
objectClass: groupOfNames
cn: admins_ldap
member: cn=user1,ou=users,dc=example,dc=com
member: cn=user2,ou=users,dc=example,dc=com

For more informations, see also:
https://www.heinlein-support.de/blog/howto/ldap-und-unix-gruppen

See also:

How-to: groupOfNames - Create a group with this objectClass
#3
#4
Mastodon