<div dir="ltr"><span>overaly is enough for me.
</span><br><span>Followed </span><a href="http://www.schenkels.nl/2013/03/how-to-setup-openldap-with-memberof-overlay-ubuntu-12-04/" target="_top" rel="nofollow"><span>this </span></a><span>link to add memberOf attribute but I am not <span class="">getting</span> memberOf result whilesearching for attribute using below query:
</span><br><span>ldapsearch -LL -Y EXTERNAL -H ldapi:/// "(uid=ddharma)" -b dc=test,dc=com memberO
</span><br><br><b><span>Query Result</span></b><span>:
</span><br><span>SASL/EXTERNAL authentication started
</span><br><span>SASL <span class="">username</span>: gidNumber=1000+uidNumber=1000,cn=peercred,cn=external,cn=auth
</span><br><span>SASL SSF: 0
</span><br><span>version: 1
</span><br><br><span>dn: cn=dharma,ou=people,dc=test,dc=com
</span><br><br><b><span>Please find the below attachments:</span></b><br><span>1. ldap-structure.PNG : My ldap architecture. <span class="">user</span> "dharma" is member <span class="">of</span> twitter, historical, powertarck <span class="">groups</span>.
</span><br><span>2. backend.memberof.ldif
</span><br><span>3. backend.refint.ldif
</span><br><br><a href="http://shibboleth.1660669.n2.nabble.com/file/n7625251/ldap-structure.PNG" target="_top" rel="nofollow"><span>ldap-structure.PNG</span></a><br><a href="http://shibboleth.1660669.n2.nabble.com/file/n7625251/backend.ldif" target="_top" rel="nofollow"><span>backend.ldif</span></a><br><a href="http://shibboleth.1660669.n2.nabble.com/file/n7625251/backend.ldif" target="_top" rel="nofollow"><span>backend.ldif</span></a><br><br></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, May 3, 2016 at 9:05 PM, Chaitanya Kumar Ch <span dir="ltr"><<a href="mailto:chaitu381923@gmail.com" target="_blank">chaitu381923@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Hi, <br><br>I tried to get list of groups of a user by following <a href="https://wiki.shibboleth.net/confluence/display/SHIB2/ResolverScriptAttributeDefinitionExamples" target="_blank">https://wiki.shibboleth.net/confluence/display/SHIB2/ResolverScriptAttributeDefinitionExamples</a><br><br>but I am getting error in idp-process.log as distinguishedName always returning nothing.<br><br>attribute-resolver.xml:<br clear="all"><!-- get the user's DN from the main LDAP connector (myLDAP) for searching <br>    the groups the user is in --><br><resolver:AttributeDefinition id="distinguishedName"<br>    xsi:type="ad:Simple" sourceAttributeID="distinguishedName"><br>    <resolver:Dependency ref="myLDAP" /><br>    <!-- no encoder needed --><br></resolver:AttributeDefinition><br><br><!-- search for all groups the user is recursively in - and flatten the distinguishedName(s) <br>    of all the groups into a single multivalued attribute --><br><resolver:DataConnector id="groupLDAP" xsi:type="dc:LDAPDirectory"<br>    ldapURL="ldap://192.XXXXXXXX:389" baseDN="OU=Groups and Resources,DC=test,DC=com"<br>    principal="CN=admin,DC=test,DC=com" principalCredential="XXXXXXX"><br>    <resolver:Dependency ref="distinguishedName" /><br>    <dc:FilterTemplate><br>        <![CDATA[<br>            (member:1.2.840.113556.1.4.1941:=${distinguishedName.get(0)})<br>        ]]><br>    </dc:FilterTemplate><br>    <dc:ReturnAttributes>distinguishedName</dc:ReturnAttributes><br>    <dc:LDAPProperty name="java.naming.referral" value="follow" /><br></resolver:DataConnector><br><br><!-- define the memberOf attribute based on the distinguishedName attribute <br>    returned by the groupLDAP connector - names of all groups the user is in --><br><resolver:AttributeDefinition id="memberOf"<br>    xsi:type="ad:Simple" sourceAttributeID="distinguishedName"><br>    <resolver:Dependency ref="groupLDAP" /><br>    <!-- no encoder needed --><br></resolver:AttributeDefinition><br><br></div>Please help me.<span class="HOEnZb"><font color="#888888"><br><div><br>-- <br><div><div dir="ltr">Thank You,<br>Chaitanya Kumar Ch,<br>+91 9550837582<br></div></div>
</div></font></span></div>
</blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature"><div dir="ltr">Thank You,<br>Chaitanya Kumar Ch,<br>+91 9550837582<br></div></div>
</div>