Environment
Novell Open Enterprise Server 2 SP1
(OES2SP1)
Novell Open Enterprise Server 2 SP2 (OES2SP2)
Novell Open Enterprise Server 2 SP3
(OES2SP3)
Domain Services for Windows
DSFW
Situation
Groups can not bee seen in MMC
Schema has a base class of Group, but when looking at the base class of a group object with an ldapbrowser groupOfNames is returned as the objectclass.
Resolution
Do the following ldapsearch to see what object classes are returned on a group in the domain. Do the search on the DSfW server.
export LDAPCONF=/etc/opt/novell/xad/openldap/ldap.conf
ldapsearch -Y EXTERNAL -b cn=admingroup,o=novell objectclass
Should return:
# admingroup, novell
dn: cn=admingroup,o=novell
objectclass: Top
objectclass: uamPosixGroup
objectclass: posixGroup
objectclass: group
If
objectclass:groupOfNames or groupOfUniqueNames or anything other
than what is listed above then check the ldap class mappings on the
ldap group object for the DSfW server.
There might be two mappings for Group. If so, delete the one that is not mapped to group.
Then edit the mapping and verify that not only is the primary mapping group, but the secondary ldap class mappings are groupOfNames and groupOfUniqueNames.
