Results 1 to 4 of 4

Thread: add group within group

  1. Feb 25th, 2007, 06:44 PM #1
    adeveloper
    adeveloper is offline Member
    Join Date
    Dec 2005
    Posts
    45

    Default add group within group

    Hi all,

    Could you help me on how I can create a group hierarchy. By referring to the person example I could create groups inside ou=groups. For example I could create cn=grp1,ou=groups.

    My question is is it possible to add another group inside cn=grp1? For example the new group may be cn=grp2,cn=grp1,ou=groups.

    I am looking forward for your suggestion.

    Thanks.
    Reply With Quote Reply With Quote
  2. Feb 26th, 2007, 07:23 AM #2
    rasky
    rasky is offline Senior Member
    Join Date
    Mar 2005
    Location
    Landskrona, Sweden
    Posts
    505

    Default

    It's probably legal to create a new group entry beneath an existing group. The semantics of that is however a completely different question (i.e. what does it mean that a group is nested beneath another one). It all depends on how that data is interpreted by the application that's using it.
    Mattias Arthursson
    Jayway AB (www.jayway.se)
    Spring-LDAP project member
    Reply With Quote Reply With Quote
  3. Feb 26th, 2007, 05:00 PM #3
    adeveloper
    adeveloper is offline Member
    Join Date
    Dec 2005
    Posts
    45

    Default

    Thanks for your response.

    I get the following error if I try to add a group in an existing group:
    Code:
    javax.naming.InvalidNameException: cn=junitTestGroup, cn=junitTestGroup, ou=groups, o=DEMOCORP, c=AU: [LDAP: error code 64 - Naming Violation]; remaining name 'cn=junitTestGroup, cn=junitTestGroup, ou=groups, o=DEMOCORP, c=AU'
    During my test the group "cn=junitTestGroup, ou=groups, o=DEMOCORP, c=AU" exists. I want to add "cn=junitTestGroup" group in the existing group.

    Relevent part of my code:
    Code:
    	private DistinguishedName buildDn() {
		DistinguishedName dn = new DistinguishedName();
		dn.add("c", "AU");
		dn.add("o", "DEMOCORP");
		dn.add("ou", "groups");
		dn.add("cn", "junitTestGroup");
		dn.add("cn", "junitTestGroup");
		return dn;
	}
	
    private DirContextOperations setAttributes(DirContextOperations adapter) {
        adapter.setAttributeValues("objectclass", new String[] { "top",
                "groupOfUniqueNames" });
        adapter.setAttributeValue("cn", "junitTestGroup");
        if (group.getMembers() != null && group.getMembers().size() > 0) {
            adapter.setAttributeValues("uniqueMember", group.getMembers()
                    .toArray(new String[0]));
        }
        return adapter;
    }
    I even tried adding "organizationalUnit" objectclass in the setAttributes method but got the following error when creating the first (parent) group.
    Code:
    javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21 - Invalid Attribute Syntax]; remaining name 'ou=junitTestGroup, ou=groups, o=DEMOCORP, c=AU'
    Reply With Quote Reply With Quote
  4. Feb 26th, 2007, 10:36 PM #4
    adeveloper
    adeveloper is offline Member
    Join Date
    Dec 2005
    Posts
    45

    Default

    I seem to be able to add group within group after using 'organizationalUnit' (let me know if there is a better way). I am not sure why I was getting error before.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules