Cannot retrieve eduPerson attributes from 389 Directory Server


On my current setup I have an OpenLDAP server to which I manually added the eduPerson schema, and from it I can retrieve without any problem attributes like eduPersonPrincipalName, eduPersonPrimaryAffiliation, etc.

Now I want to test with 389 Directory Server, which, from what I have understood, has the eduPerson schema pre-added. The problem is that even after I create a user with eduPerson attributes like eduPersonPrincipalName, etc., I cannot retrieve any attribute value of the eduPerson schema. I need it because of the SimpleSAMLphp SSO we use. Below is a search example of a user with multiple eduPerson attributes, and none of them gets shown:

ldapsearch -x -b "cn=John Doe,ou=people,dc=domain,dc=com" -H ldap://127.0.0.1:389

# extended LDIF
#
# LDAPv3
# base <cn=John Doe,ou=people,dc=domain,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# John Doe, people, domain.com
dn: cn=John Doe,ou=people,dc=domain,dc=com
objectClass: eduPerson
objectClass: inetOrgPerson
objectClass: organizationcomPerson
objectClass: person
objectClass: posixAccount
objectClass: top
cn: John Doe
gidNumber: 10000
homeDirectory: /home/user@domain.com
uid: user@domain.com
uidNumber: 10055
description: Authenticated at 2020-04-28 12:27:08.657033
loginShell: /bin/bash
mail: user@domain.com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

Thank you,

EDIT: Another example which might help more. Below is an LDIF file of a user:

version: 1

dn: cn=John Doe,ou=people,dc=domain,dc=com
objectClass: eduPerson
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: posixAccount
objectClass: top
cn: John Doe
gidNumber: 10000
homeDirectory: /home/jdoe@domain.com
sn: Doe
uid: jdoe@domain.com
uidNumber: 10057
carLicense: AA123BB
departmentNumber: IT
eduPersonPrimaryAffiliation: employee
eduPersonPrincipalName: jdoe@domain.com
eduPersonScopedAffiliation: employee@domain.com
employeeNumber: 1234567890
givenName: John
initials: JD
loginShell: /bin/bash
mail: jdoe@domain.com
title: Software Developer
userPassword:: e0NSWVBUfSQ2JG1LcDlHUmRUcENBRVZ1ZkUkc0djRkNsalcyWEVoby9FRlNGS
 jhLRXRYR1dmTGFUNXNYUk9BbHFRSHhoWXN4TWlZWEl6SEFCa0U1UzN3cm5uSktMSVAyTlg1d0V5
 YXN1U1laNXJocDA=

When I try to search for this user I get only the attributes below:

ldapsearch -x -b "cn=John Doe,ou=people,dc=rash,dc=al" -H ldap://127.0.0.1:389
# extended LDIF
#
# LDAPv3
# base <cn=John Doe,ou=people,dc=rash,dc=al> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# John Doe, people, rash.al
dn: cn=John Doe,ou=people,dc=rash,dc=al
objectClass: eduPerson
objectClass: posixAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
loginShell: /bin/bash
homeDirectory: /home/jdoe@domain.com
uid: jdoe@domain.com
cn: John Doe
uidNumber: 10057
gidNumber: 10000
mail: jdoe@domain.com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

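Both searches in the question are anonymous (-x with no -D bind DN), and the attributes that do come back (objectClass, uid, cn, uidNumber, gidNumber, homeDirectory, loginShell, mail, description) form a fixed subset while everything else, eduPerson attributes and ordinary inetOrgPerson ones like sn and givenName alike, is silently dropped. That pattern is what a per-attribute access control instruction (ACI) produces, not a schema problem: 389 Directory Server filters attributes an identity may not read out of the result, and if the suffix's anonymous-read ACI lists only those attributes, an anonymous search never sees the rest. The script below is an added example (not part of the question, and not 389 DS code): it parses the entry's stored LDIF and a search's returned LDIF, reports which attributes went missing, and checks whether a given ACI's targetattr clause accounts for all of them. The LDIF and the ACI string are constructed for the example; the ACI is modelled on the shape of 389 DS's default anonymous-read rule, and its exact attribute list is an assumption.

```python
"""Explain why an LDAP search returns fewer attributes than the entry holds.

Added example for the question above; not the poster's code and not 389 DS code.
Runs offline on LDIF text (ldapsearch output) and on an 'aci' attribute value.
"""
import base64
import re


def parse_ldif_entry(text):
    """Parse the first 'dn:' record in an LDIF text into {attr: [values]}.

    Unfolds continuation lines (leading space), decodes '::' base64 values, and
    skips '#' comments, 'version:' and the 'search:/result:' trailer that
    ldapsearch prints after the entry. Attribute names are lower-cased.
    """
    records, current = [], []
    for raw in text.splitlines():
        if raw.startswith("#"):
            continue
        if raw.strip() == "":            # blank line ends a record
            if current:
                records.append(current)
                current = []
        elif raw.startswith(" ") and current:
            current[-1] += raw[1:]       # unfold a continuation line
        else:
            current.append(raw)
    if current:
        records.append(current)
    entry = {}
    for record in records:
        if not record[0].lower().startswith("dn:"):
            continue                     # 'version: 1' or the search trailer
        for line in record:
            name, _, value = line.partition(":")
            if value.startswith(":"):    # 'attr:: <base64>'
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            else:
                value = value.strip()
            entry.setdefault(name.strip().lower(), []).append(value)
        break
    return entry


def aci_targetattrs(aci):
    """Return (negated, attrs) from an ACI's targetattr clause.

    '(targetattr="a || b")' -> (False, {'a', 'b'}); '(targetattr!="a")' ->
    (True, {'a'}); no targetattr clause at all means every attribute, (False, {'*'}).
    """
    m = re.search(r'\(\s*targetattr\s*(!?=)\s*"([^"]*)"\s*\)', aci, re.IGNORECASE)
    if not m:
        return False, {"*"}
    attrs = {a.strip().lower() for a in m.group(2).split("||") if a.strip()}
    return m.group(1) == "!=", attrs


def aci_grants_read(aci, attr):
    """Whether the ACI's targetattr clause covers 'attr' (bind rules are ignored)."""
    negated, attrs = aci_targetattrs(aci)
    if negated:
        return attr.lower() not in attrs
    return "*" in attrs or attr.lower() in attrs


def missing_attributes(stored, returned):
    """Attributes present in the stored entry that the search did not return."""
    return {a for a in stored if a not in returned and a != "dn"}


def explained_by_aci(missing, aci):
    """True when the ACI withholds every missing attribute, i.e. it alone explains the gap."""
    return all(not aci_grants_read(aci, a) for a in missing)


def diagnose(stored_ldif, returned_ldif, aci):
    stored, returned = parse_ldif_entry(stored_ldif), parse_ldif_entry(returned_ldif)
    missing = missing_attributes(stored, returned)
    return {"missing": sorted(missing), "explained_by_aci": explained_by_aci(missing, aci)}


# Constructed sample data: a stored entry (placeholder password hash, base64-folded
# over two lines as ldapsearch prints it) and what an anonymous search returned.
_PW = base64.b64encode(b"{CRYPT}placeholder-hash").decode()
STORED_LDIF = f"""version: 1

dn: cn=John Doe,ou=people,dc=domain,dc=com
objectClass: eduPerson
objectClass: inetOrgPerson
objectClass: posixAccount
cn: John Doe
sn: Doe
uid: jdoe@domain.com
uidNumber: 10057
gidNumber: 10000
homeDirectory: /home/jdoe@domain.com
loginShell: /bin/bash
mail: jdoe@domain.com
eduPersonPrincipalName: jdoe@domain.com
eduPersonPrimaryAffiliation: employee
eduPersonScopedAffiliation: employee@domain.com
title: Software Developer
userPassword:: {_PW[:16]}
 {_PW[16:]}
"""
RETURNED_LDIF = """# extended LDIF
# filter: (objectclass=*)

dn: cn=John Doe,ou=people,dc=domain,dc=com
objectClass: eduPerson
objectClass: inetOrgPerson
objectClass: posixAccount
loginShell: /bin/bash
homeDirectory: /home/jdoe@domain.com
uid: jdoe@domain.com
cn: John Doe
uidNumber: 10057
gidNumber: 10000
mail: jdoe@domain.com

# search result
search: 2
result: 0 Success
"""
# Constructed ACI modelled on the shape of 389 DS's anonymous-read rule; the
# attribute list is an assumption, read the real one from the suffix's 'aci' attribute.
ANON_READ_ACI = (
    '(targetattr="objectClass || description || uid || cn || loginShell || '
    'uidNumber || gidNumber || homeDirectory || mail")'
    '(targetfilter="(objectClass=posixaccount)")'
    '(version 3.0; acl "anonymous read"; allow (read, search, compare) userdn="ldap:///anyone";)'
)

if __name__ == "__main__":
    report = diagnose(STORED_LDIF, RETURNED_LDIF, ANON_READ_ACI)
    print("not returned:", ", ".join(report["missing"]))
    print("ACI accounts for all of them:", report["explained_by_aci"])
```

To apply it to a live server, feed it the output of the anonymous search from the question and of the same search bound as an administrator (ldapsearch -D "cn=Directory Manager" -W -b "<dn>" -H ldap://127.0.0.1:389), and pass the aci value read from the suffix entry in the bound search. If the bound search returns the eduPerson attributes and the script reports the gap as explained by the anonymous-read ACI, the fix is on the access-control side: bind SimpleSAMLphp with a service account that an ACI allows to read those attributes, rather than searching anonymously.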