@xjuric29
Last active June 7, 2020 12:21
Add groupOfEntries LDAP support
# https://tools.ietf.org/html/draft-findlay-ldap-groupofentries-00
#
dn: cn=groupofentries,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: groupofentries
olcObjectClasses: {0}( 1.2.826.0.1.3458854.2.1.1.1 NAME 'groupOfEntries' DESC 'Replacement for groupOfNames object without required member attribute' SUP top STRUCTURAL MUST ( cn ) MAY ( member $ businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
objectclass ( 1.2.826.0.1.3458854.2.1.1.1 NAME 'groupOfEntries' SUP top STRUCTURAL
    MUST ( cn )
    MAY ( member $
        businessCategory $
        seeAlso $
        owner $
        ou $
        o $
        description ) )

Add groupOfEntries LDAP support

If you use the newer RFC2307Bis schema to manage POSIX group members through the "member" attribute, you have probably found that you cannot create a group without at least one member, because the "groupOfNames" class requires it. The right way to correct this behaviour is to use the "groupOfEntries" class specified by this draft.
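
The difference between the two classes can be checked offline before anything is loaded into the directory. The sketch below is an added example, not part of the original gist: it parses both object class definitions and reports which MUST attributes a memberless group entry lacks. The groupOfNames definition is the one from RFC 4519; the sample entries, DNs and gidNumber are constructed, and the parser covers only the simplified syntax shown here (posixGroup is not modelled).

```python
import re

# groupOfNames as defined in RFC 4519; groupOfEntries as defined in this gist.
GROUP_OF_NAMES = ("( 2.5.6.9 NAME 'groupOfNames' SUP top STRUCTURAL "
                  "MUST ( member $ cn ) MAY ( businessCategory $ seeAlso $ "
                  "owner $ ou $ o $ description ) )")
GROUP_OF_ENTRIES = ("( 1.2.826.0.1.3458854.2.1.1.1 NAME 'groupOfEntries' "
                    "SUP top STRUCTURAL MUST ( cn ) MAY ( member $ "
                    "businessCategory $ seeAlso $ owner $ ou $ o $ description ) )")

# Constructed sample entries: the same empty POSIX group under each class.
EMPTY_AS_NAMES = """dn: cn=staging,ou=groups,dc=example,dc=org
objectClass: groupOfNames
objectClass: posixGroup
cn: staging
gidNumber: 5001"""
EMPTY_AS_ENTRIES = EMPTY_AS_NAMES.replace("groupOfNames", "groupOfEntries")

def parse_objectclass(definition):
    """Extract NAME, MUST and MAY from an object class description."""
    def attrs(keyword):
        m = re.search(r"\b" + keyword + r"\s+(?:\(([^)]*)\)|([\w-]+))", definition)
        if not m:
            return set()
        raw = m.group(1) if m.group(1) is not None else m.group(2)
        return {a.strip().lower() for a in raw.split("$") if a.strip()}
    name = re.search(r"NAME\s+'([^']+)'", definition).group(1)
    return {"name": name, "must": attrs("MUST"), "may": attrs("MAY")}

def parse_entry(ldif):
    """Parse one plain LDIF entry (no base64 values, no line folding)."""
    entry = {}
    for line in ldif.strip().splitlines():
        if line.startswith("#") or not line.strip():
            continue
        attr, _, value = line.partition(":")
        entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def missing_must(entry, classes):
    """Map each declared class to the MUST attributes the entry lacks."""
    declared = {v.lower() for v in entry.get("objectclass", [])}
    problems = {}
    for oc in classes:
        missing = sorted(oc["must"] - set(entry))
        if oc["name"].lower() in declared and missing:
            problems[oc["name"]] = missing
    return problems

CLASSES = [parse_objectclass(GROUP_OF_NAMES), parse_objectclass(GROUP_OF_ENTRIES)]
```

Calling `missing_must(parse_entry(EMPTY_AS_NAMES), CLASSES)` reports `member` as missing for groupOfNames, while the groupOfEntries variant of the same entry reports nothing.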

Installation

ldapadd -D cn=admin,cn=config -W -H <LDAP_server_url> -f /path/to/groupofentries.ldif