sschneid/pluma

posixGroup, groupOfNames, groupOfUniqueNames

Opened this issue · 0 comments

sschneid commented

OpenLDAP fails on group creation due to overlapping object classes 'posixGroup', 'groupOfNames', and 'groupOfUniqueNames'.

In addition:

  1. posixGroup is marked as AUXILIARY by RFC2307bis, which partially solves this issue.
  2. posixGroup allows 'memberUid', in addition to...
  3. groupOfNames and groupOfUniqueNames, while both STRUCTURAL, overlap in function. groupOfNames uses 'member', groupOfUniqueNames uses 'uniqueMember'.

The best solution I see is to set both group.objectClass and group.attribute to be user-definable (and choose defaults) while allowing posixGroup (for gidNumber support) if group.POSIX is enabled.