Tagged: #openDJ, 3, CompactDN, isMemberOf, Policy, privilege, resetPassword, Subtreespecification
This topic has 3 replies, 3 voices, and was last updated 4 years, 11 months ago by dti.
-
AuthorPosts
-
July 13, 2017 at 9:18 am #18107
dti
ParticipantHi,
I’m currently evaluating the OpenDJ 3 an got stuck at some Issue redargind this Version. It seems that the OpenDJ 3 is not usable with many groups and users, since there is a bug regarding “CompactDN” with “isMemberOf” searches. Details in the JIRA https://bugster.forgerock.org/jira/browse/OPENDJ-2655
I tried to use a resetPasswort-Policy based on a group membership with the subtreespecification “isMemberOf”. Is there any other possibility to give a user a privilege? There seems to be a way using a virtuell attribute based on a group membership, but it looks like in the end it would also resolved by the isMemberOf specification. Is there any way to workaround this issue? Or is there a bug-fix for the OpenDJ 3?Greetings,
DavidJuly 13, 2017 at 9:28 am #18109JnRouvignac
ParticipantHello,
If you have a support contract, you can ask for a patch.
Otherwise you can download 3.5+ releases from backstage, but only for evaluation purposes – not for production.Cheers,
Jean-NoelJuly 13, 2017 at 10:39 am #18111Ludo
ModeratorHi,
There are other ways to assign a privilege to a user. One is to directly set the ds-privilege-name attribute in the user entry.
This works for a few users, but is less dynamic than associating it with a group.Kind regards,
LudoJuly 13, 2017 at 2:04 pm #18114dti
ParticipantHi Ludo,
Thanks for this answer. Thats right and that was one of my approaches. Any other ideas?
-
AuthorPosts
You must be logged in to reply to this topic.