Thanks. Yes, very helpful. For the group that lists our accounts I now have full DN
dn: cn=admins,ou=group,dc=server,dc=domain objectClass: posixGroup objectClass: top cn: admins memberUid: uid=user,ou=accounts,dc=server,dc=domain slapd.conf: limits group/posixGroup/memberUid="cn=admins,ou=group,dc=server,dc=domain" size=unlimited time=unlimited Though I am still hitting the limit. Thanks, Douglas Duckworth, MSc, LFCS HPC System Administrator Scientific Computing Unit Physiology and Biophysics Weill Cornell Medicine E: [email protected] O: 212-746-6305 F: 212-746-8690 On Wed, Jul 19, 2017 at 6:25 PM, Quanah Gibson-Mount <[email protected]> wrote: > --On Tuesday, July 18, 2017 4:32 PM -0400 Douglas Duckworth > <[email protected]> wrote: > > ># admins, group, ldap.server > > dn: cn=admins,dc=blah > > objectClass: posixGroup > > objectClass: top > > cn: admins > > memberUid: admin1 > > memberUid: admin2 > > > > Do you have any insight into what could be causing this behavior? I > > have not found the answer yet through extensive searching of the > > internets. > > Hi Douglas, > > The answer lies in the slapd.conf(5) man page, in the description of the > "limits" directive, specifically in this portion: > > "sets the limits for any DN listed in the values of the at attribute" > > memberUID does not contain a DN, therefore it cannot be used. Hope that > helps! > > Regards, > Quanah > > -- > > Quanah Gibson-Mount > Product Architect > Symas Corporation > Packaged, certified, and supported LDAP solutions powered by OpenLDAP: > <https://urldefense.proofpoint.com/v2/url?u=http- > 3A__www.symas.com&d=DwIFaQ&c=lb62iw4YL4RFalcE2hQUQealT9- > RXrryqt9KZX2qu2s&r=2Fzhh_78OGspKQpl_e-CbhH6xUjnRkaqPFUS2wTJ2cw&m= > 91FmzFy5LT0oV9_Olhg0-lXej0TEADB8w4Tft72zqXs&s= > rnsVibsarNFQ1327v29L487KiPFGapoLz4PZ55l7Hsc&e= > > >
