Thursday, March 26, 2026

[389-users] Re: [Extern] Re: Nested groups

Am 23.03.26 um 15:46 schrieb Viktor Ashirov:
> Hi,
>
> On Mon, Mar 23, 2026 at 2:31 PM Kippels, Julian via 389-users <389-
> users@lists.fedoraproject.org <mailto:389-
> users@lists.fedoraproject.org>> wrote:
>
> Hi,
>
> I would like to have a group be a member of another group. How would I
> go about that?
>
> If you have enabled the memberOf plugin, it should work.
>
>
> Example:
>
> User1, User2 and User3 are members of GroupA.
>
> dn: cn=GroupA,ou=groups,dc=example,dc=com objectClass: top objectClass:
> groupOfNames objectClass: nsMemberOf cn: GroupA member:
> uid=User1,ou=people,dc=example,dc=com member:
> uid=User2,ou=people,dc=example,dc=com member:
> uid=User3,ou=people,dc=example,dc=com
>
> GroupA is a member of GroupB.
> User4 is a member of GroupB.
>
>
> dn: cn=GroupB,ou=groups,dc=example,dc=com objectClass: top objectClass:
> groupOfNames objectClass: nsMemberOf cn: GroupB member:
> cn=GroupA,ou=groups,dc=example,dc=com
> member: uid=User4,ou=people,dc=example,dc=com
>
>
> Searching for all members of GroupB returns Users1 to 4.
>
>
> # ldapsearch -xLLL '(memberOf=cn=GroupB,ou=groups,dc=example,dc=com)' dn
> dn: uid=User1,ou=people,dc=example,dc=com dn:
> uid=User2,ou=people,dc=example,dc=com dn:
> uid=User3,ou=people,dc=example,dc=com dn:
> uid=User4,ou=people,dc=example,dc=com
> dn: cn=GroupA,ou=groups,dc=example,dc=com
>
>
> Thanks
> Julian
> --
> _______________________________________________
> 389-users mailing list -- 389-users@lists.fedoraproject.org
> <mailto:389-users@lists.fedoraproject.org>
> To unsubscribe send an email to 389-users-
> leave@lists.fedoraproject.org <mailto:389-users-
> leave@lists.fedoraproject.org>
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/
> project/code-of-conduct/ <https://docs.fedoraproject.org/en-US/
> project/code-of-conduct/>
> List Guidelines: https://fedoraproject.org/wiki/
> Mailing_list_guidelines <https://fedoraproject.org/wiki/
> Mailing_list_guidelines>
> List Archives: https://lists.fedoraproject.org/archives/list/389-
> users@lists.fedoraproject.org <https://lists.fedoraproject.org/
> archives/list/389-users@lists.fedoraproject.org>
> Do not reply to spam, report it: https://forge.fedoraproject.org/
> infra/tickets/issues/new <https://forge.fedoraproject.org/infra/
> tickets/issues/new>
>
>
>
> --
> Viktor

Hi,

Thank you Viktor. Is it possible to mix groupOfNames and
groupOfUniqueNames with this approach?

Julian
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)