How can I add memberof attribute to ldap user via phpldapadmin


I am using openldap to create a simple user and simple group.

dn: cn=User2 Engineer,ou=users,dc=example,dc=net
cn: User2 Engineer
gidnumber: 501
givenname: User2
homedirectory: /home/users/u2engineer
loginshell: /bin/sh
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: top
sn: Engineer
uid: u2engineer
uidnumber: 1002
userpassword: {MD5}xxxxxxx


# Entry 1: cn=network engineers,ou=groups,dc=example,dc=net
dn: cn=network engineers,ou=groups,dc=example,dc=net
cn: network engineers
gidnumber: 501
memberuid: user1ene
memberuid: u2engineer
objectclass: posixGroup
objectclass: top

I would like to relate the user to the group by adding the memberof attribute to the user entry. It means I need to add the groupOfNames objectclass to the user. groupOfNames is in core.schema, but I can add that objectclass to the user neither via phpldapadmin nor ldapmodify. I got this error:

LDAP said:  Object class violation
Error number:   0x41 (LDAP_OBJECT_CLASS_VIOLATION)

I am sure that core.schema has been imported to openldap successfully.

What is the possible cause? How can I add memberof attribute to users?

Thanks!

-SG-


You can't. The memberOf attribute is an operational attribute maintained automatically by the memberof overlay. You can't set it yourself.

Adding the groupOfNames object class to the user entry doesn't make sense either. That object class is for, err, groups of names, such as roles, and it has a member attribute to which you add the DN of the user. Then the memberOf attribute of the user is automatically updated to include the DN of the group.

You're doing this all back to front.
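
The setup the answer describes, written out as LDIF. This is an added example, not part of the original answer. It assumes the module entry is `cn=module{0}`, the database is `olcDatabase={1}mdb`, and uses a hypothetical group name `network-engineers-role`; adjust all three to the actual installation.

```ldif
# --- Part 1: server configuration, applied to cn=config ---
# e.g. ldapmodify -Y EXTERNAL -H ldapi:/// -f part1.ldif  (as root on the server)
# Assumed names: cn=module{0} and olcDatabase={1}mdb vary per installation.

# Load the memberof overlay module.
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: memberof

# Attach the overlay to the database holding dc=example,dc=net.
# GroupOC, MemberAD and MemberOfAD below are the overlay's defaults, spelled
# out for clarity. RefInt asks the overlay to preserve referential integrity
# between member and memberOf.
dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcMemberOf
olcOverlay: memberof
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf
olcMemberOfRefInt: TRUE

# --- Part 2: directory data, applied as a directory administrator ---
# With the stock nis.schema, posixGroup and groupOfNames are both structural
# classes, so the existing posixGroup entry is left alone and a separate
# groupOfNames entry is created. "network-engineers-role" is a hypothetical name.
# The user's DN goes into "member" on the group; the user entry is not edited.
dn: cn=network-engineers-role,ou=groups,dc=example,dc=net
changetype: add
objectClass: top
objectClass: groupOfNames
cn: network-engineers-role
member: cn=User2 Engineer,ou=users,dc=example,dc=net

# --- Check ---
# memberOf is operational, so it is returned only when requested by name:
#   ldapsearch -x -b "ou=users,dc=example,dc=net" "(uid=u2engineer)" memberOf
# The overlay only reacts to group writes made after it is configured;
# memberships that existed beforehand are not back-filled.
```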