with our installation of OpenLDAP, the user string is in fact

uid=test1user,ou=people,dc=domain,dc=com.

I still am unable to get the LDAP synchronization going on this.

Anyone have a solution for this? This issue still plagues me...

I am able to connect to my LDAP server, but I am unable to return any values...  It shows that each attribute is "disabled" (see attached)...

I tried to create ldap user and group and put the attribute like you in the first post.

But still having problem with showing Disabled on attribute "Group Name" and "Group unique identifier".

Can you show me about sample ldap user and group that you use also the value you put on user and group attribute in vCloud Director too?

Thanks

Below is what an ldapsearch returns for a testuser I have (this would be the sample LDAP user config)

What openldap version do you use?

Can you show me your slapd.conf too?

I can't get objectClass "groupOfNames" and "posixGroup" working together.

I googling and found those objectClass it can't using in group together

and it will showing error "[LDAP: error code 65 - invalid structural object class chain (groupOfNames/posixGroup)]"

if you try to add it together.

So I still see Group name and Group unique identifier disabled.

Regards,

OpenLDAP2 (2.3.32-0.10)

# Sample access control policy:

#       Root DSE: allow anyone to read it

#       Subschema (sub)entry DSE: allow anyone to read it

#       Other DSEs:

#               Allow self write access to user password

#               Allow anonymous users to authenticate

#               Allow read access to everything else

#       Directives needed to implement policy:

access to dn.base=""

        by * read

access to dn.base="cn=Subschema"

        by * read

access to attrs=userPassword,userPKCS12

        by self write

        by * auth

access to attrs=shadowLastChange

        by self write

        by * read

access to *

        by * read

# if no access controls are present, the default policy

# allows anyone and everyone to read anything but restricts

# updates to rootdn.  (e.g., "access to * by * read")

#

# rootdn can always read and write EVERYTHING!

#######################################################################

# BDB database definitions

#######################################################################

loglevel 1

TLSCertificateFile /etc/ssl/servercerts/servercert.pem

TLSCACertificatePath /etc/ssl/certs/

TLSCertificateKeyFile /etc/ssl/servercerts/serverkey.pem

database bdb

suffix "dc=doman,dc=com"

rootdn "cn=Admin,dc=domain,dc=com"

rootpw "{ssha}encrypted_value=="

directory /var/lib/ldap

checkpoint 1024 5

cachesize 10000

index objectClass,uidNumber,gidNumber eq

index member,mail eq,pres

index cn,displayname,uid,sn,givenname sub,eq,pres