Ldap nested Groups membership not working as expected
Peter Schober
peter.schober at univie.ac.at
Fri Jun 11 09:41:04 UTC 2021
* Armando Martins <armando.mart1s at gmail.com> [2021-06-11 11:31]:
> ldapsearch -x -LLL -h "myldapserver" -b 'dc=example,dc=com' -D
> 'uid=myroaccount,ou=users,o=services,dc=example,dc=com' -w mypassword
> uid=testuser distinguishedName
> dn: uid=testuser,ou=users,dc=example,dc=com
>
> So, the answer is yes. The distinguishedName attribute is exposed by
> OpenLDAP.
No, you're simply misreading the output from that command.
If it would have found an attribute named "distinguishedName" it would
have printed the attribute and it's values as part of the output.
(It does not, above.)
Try searching for an attribute that's guaranteed to NOT exist and it
will still respond with dn: ...
-peter
More information about the users
mailing list