nisNetgroup and posixgroup Attributes
Note
The values for displayAttribute and identityAttribute must be present in Group Schema attributes.
nisNetgroup Attributes
cn
Names of objects. Each name is one value of this multi-valued attribute. If the object corresponds to a person, it is typically the person's full name.
For example:
-
Martin K Smith -
Marty Smith -
printer12
nisNetgroupTriple
Unique member of a nisNetgroup
dn*
Directory path to the object
This is an Identity Attribute which must not be changed.
description
Human-readable descriptive phrases about the object
Each description is one value of this multi-valued attribute.
posixgroup Attributes
cn
Names of objects
Each name is one value of this multi-valued attribute. If the object corresponds to a person, it is typically the person's full name.
For example:
-
Martin K Smith -
Marty Smith -
printer12
memberUid
Unique member of a posixgroup
gidNumber*
Integer value that uniquely identifies a group in an administrative domain
dn*
Directory path to the object
This is an Identity Attribute which must not be changed.
description
Human-readable descriptive phrases about the object
Each description is one value of this multi-valued attribute.
Additional Group Schema Configuration Attributes
groupMemberAttribute*
Name of the Group Membership attribute of an account.
For example:
- posixgroup –
memberUid - nisNetgroup –
nisNetgroupTriple - groupOfUniqueNames –
uniqueMember
memberAttribute
Attribute name or distinguished name which is stored as value of the groupMemberAttribute
Available values:
-
cn -
uid -
dn
For example, groupMemberAttribute for posixgroup is the memberUid against which the values of an account can be cn or uid. So for posixgroup, the groupMemberAttribute name is memberUid, and the memberAttribute names are cn, uid, or both.
Similarly, for groupOfUniqueNames, groupMemberAttribute is uniqueMember and the memberAttribute name is dn.
Note
One or more than one memberAttribute can be configured as given in the above example of a sample schema for the sudoRole under Adding Additional Group Types .
memberPrefix
The value for this field is required if you have any prefix string before the memberAttribute value.
For example, (,user 1,)
Here, the prefix is "(,"
Note
The memberPrefix attribute is not required if the value of the member attribute is dn.
memberSuffix
The value for this field is required if you have any suffix string after the memberAttribute value.
For example, (,user 1,)
Here the suffix is ",)"
The memberSuffix attribute is not required if the value of the member attribute is dn.