July 13, 2017 at 9:18 am #18107dtiParticipant
I’m currently evaluating the OpenDJ 3 an got stuck at some Issue redargind this Version. It seems that the OpenDJ 3 is not usable with many groups and users, since there is a bug regarding “CompactDN” with “isMemberOf” searches. Details in the JIRA https://bugster.forgerock.org/jira/browse/OPENDJ-2655
I tried to use a resetPasswort-Policy based on a group membership with the subtreespecification “isMemberOf”. Is there any other possibility to give a user a privilege? There seems to be a way using a virtuell attribute based on a group membership, but it looks like in the end it would also resolved by the isMemberOf specification. Is there any way to workaround this issue? Or is there a bug-fix for the OpenDJ 3?
DavidJuly 13, 2017 at 9:28 am #18109JnRouvignacParticipant
If you have a support contract, you can ask for a patch.
Otherwise you can download 3.5+ releases from backstage, but only for evaluation purposes – not for production.
Jean-NoelJuly 13, 2017 at 10:39 am #18111LudoModerator
There are other ways to assign a privilege to a user. One is to directly set the ds-privilege-name attribute in the user entry.
This works for a few users, but is less dynamic than associating it with a group.
LudoJuly 13, 2017 at 2:04 pm #18114dtiParticipant
Thanks for this answer. Thats right and that was one of my approaches. Any other ideas?
You must be logged in to reply to this topic.