kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-02-23 21:01:53 +01:00
Code Issues Packages Projects Releases Wiki Activity
computer-playbook/roles/docker-ldap/templates/ldif/01_member_of_configuration.ldif.j2

45 lines
2.1 KiB
Django/Jinja
Raw Blame History

# MemberOf Overlay Configuration for OpenLDAP
#
# This file activates the memberOf module and configures the memberOf overlay,
# which is required by Nextcloud for proper group management.
# @see https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/user_auth_ldap.html
# @see https://www.adimian.com/blog/how-to-enable-memberof-using-openldap/
#
# The first section loads the memberof module from the specified path.
# - olcModuleLoad: Specifies that the "memberof" module should be loaded.
# - olcModulePath: Provides the full path to the memberof shared object.
#
# The second section configures the memberOf overlay for the designated database.
# - The DN "olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config" sets up the overlay
# on the database backend (here assumed to be "hdb").
# - olcMemberOfDangling: ignore
# Instructs the overlay to ignore references to non-existent objects.
# - olcMemberOfRefInt: TRUE
# Enables referential integrity so that changes in group membership automatically
# update the user's "memberOf" attribute.
# - olcMemberOfGroupOC: groupOfNames
# Specifies that the overlay applies to groups with the object class "groupOfNames".
# - olcMemberOfMemberAD: member
# Indicates that the group's membership is stored in the "member" attribute.
# - olcMemberOfMemberOfAD: memberOf
# Defines that the overlay will maintain the "memberOf" attribute in user entries.
#
# IMPORTANT: All groups created before enabling this module must be deleted and recreated,
# as the overlay only assigns the "member" attribute when a new group is created.
dn: cn=module,cn=config
cn: module
objectClass: olcModuleList
olcModuleLoad: memberof
olcModulePath: /opt/bitnami/openldap/lib/openldap/memberof.so
dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config
objectClass: olcConfig
objectClass: olcMemberOf
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: memberof
olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf
Reference in New Issue View Git Blame Copy Permalink