# Console transcript: start slapd, load a small test tree, confirm that the
# memberof overlay fills in memberOf, then show the LDIF that was loaded and
# the effective slapd.conf (comment and blank lines filtered out).
# Lines beginning with "# NOTE(review):" are annotations, not session output.

[root@comanche ~]# /etc/init.d/ldap2.4 start
Starting slapd (ldap + ldaps): [ OK ]

# NOTE(review): -H ldapi:/// connects over the local Unix-domain socket. No bind
# DN or password is given: the client authenticates with SASL EXTERNAL and
# slapd derives the identity from the caller's uid/gid (see "SASL username").
# "SASL SSF: 0" means no SASL security layer was negotiated on this connection.
[root@comanche ~]# ldapadd2.4 -H ldapi:/// -f memberof.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "dc=example,dc=com"

adding new entry "ou=Group,dc=example,dc=com"

adding new entry "ou=People,dc=example,dc=com"

adding new entry "uid=test1,ou=People,dc=example,dc=com"

adding new entry "cn=testgroup,ou=Group,dc=example,dc=com"

# NOTE(review): memberOf is requested by name here; it is an operational
# attribute and a search that does not ask for it will not return it. The LDIF
# below sets no memberOf on test1, so the value shown was generated by the
# memberof overlay from the group's "member" attribute.
[root@comanche ~]# ldapsearch2.4 -LLL -H ldapi:/// "(uid=test1)" -b dc=example,dc=com memberOf
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
dn: uid=test1,ou=People,dc=example,dc=com
memberOf: cn=testgroup,ou=Group,dc=example,dc=com

[root@comanche ~]# cat memberof.ldif
dn: dc=example,dc=com
objectclass: domain
dc: example

dn: ou=Group,dc=example,dc=com
objectclass: organizationalUnit
ou: Group

dn: ou=People,dc=example,dc=com
objectclass: organizationalUnit
ou: People

dn: uid=test1,ou=People,dc=example,dc=com
objectclass: account
uid: test1

dn: cn=testgroup,ou=Group,dc=example,dc=com
objectclass: groupOfNames
cn: testgroup
member: uid=test1,ou=People,dc=example,dc=com

# NOTE(review): the egrep filter drops comment lines and empty lines, so what
# follows is only the active directives of slapd.conf.
# egrep -v "^(#|$)" /etc/openldap2.4/slapd.conf
include /usr/share/openldap2.4/schema/core.schema
include /usr/share/openldap2.4/schema/cosine.schema
include /usr/share/openldap2.4/schema/corba.schema
include /usr/share/openldap2.4/schema/inetorgperson.schema
include /usr/share/openldap2.4/schema/java.schema
include /usr/share/openldap2.4/schema/krb5-kdc.schema
include /usr/share/openldap2.4/schema/kerberosobject.schema
include /usr/share/openldap2.4/schema/misc.schema
include /usr/share/openldap2.4/schema/nis.schema
include /usr/share/openldap2.4/schema/openldap.schema
include /usr/share/openldap2.4/schema/autofs.schema
include /usr/share/openldap2.4/schema/samba.schema
include /usr/share/openldap2.4/schema/kolab.schema
include /usr/share/openldap2.4/schema/evolutionperson.schema
include /usr/share/openldap2.4/schema/calendar.schema
include /usr/share/openldap2.4/schema/sudo.schema
include /usr/share/openldap2.4/schema/dnszone.schema
include /usr/share/openldap2.4/schema/dhcp.schema
include /etc/openldap2.4/schema/local.schema
# NOTE(review): slapd.access.conf is not shown in this transcript. slapd uses
# the first "access to" clause that matches an entry/attribute, so rules in
# that file take precedence over the catch-all rule below.
include /etc/openldap2.4/slapd.access.conf
# NOTE(review): this grants read on the whole subtree to unauthenticated
# clients. Unless slapd.access.conf restricts sensitive attributes first
# (e.g. userPassword), they are readable anonymously -- and the init script
# reports ldap and ldaps listeners, not only the local socket. Acceptable for
# this test tree; tighten before holding real accounts.
# NOTE(review): the group clause carries no explicit access level -- confirm
# what slapd applies for the Replicator group.
access to dn.subtree="dc=example,dc=com"
        by group="cn=Replicator,ou=Group,dc=example,dc=com"
        by users read
        by anonymous read
pidfile /var/run/ldap2.4/slapd.pid
argsfile /var/run/ldap2.4/slapd.args
modulepath /usr/lib/openldap2.4
moduleload memberof.la
# NOTE(review): maps the SASL EXTERNAL identity of local uid 0 / gid 0 (the
# "SASL username" seen above) to cn=Manager, which is the rootdn declared
# below. The rootdn is not subject to access controls, so any process running
# as root that can reach the ldapi socket has full write access to the
# directory without a password. No rootpw appears in this filtered output.
authz-regexp "gidNumber=0\\\+uidNumber=0,cn=peercred,cn=external,cn=auth"
        "cn=Manager,dc=example,dc=com"
# NOTE(review): certificate, private key and CA all point at the same PEM
# file. Because the key lives in it, the file should be readable only by the
# account slapd runs as. Using the server certificate as its own CA suggests a
# self-signed certificate -- presumably fine for a test host; confirm.
TLSCertificateFile /etc/ssl/openldap2.4/ldap.pem
TLSCertificateKeyFile /etc/ssl/openldap2.4/ldap.pem
TLSCACertificateFile /etc/ssl/openldap2.4/ldap.pem
database bdb
suffix "dc=example,dc=com"
rootdn "cn=Manager,dc=example,dc=com"
directory /var/lib/ldap2.4
checkpoint 256 5
index objectClass eq
index cn,mail,surname,givenname eq,subinitial
index uidNumber,gidNumber,memberuid,member,uniqueMember eq
index uid eq,subinitial
index sambaSID,sambaDomainName,displayName eq
# NOTE(review): removes size and time limits for members of the Replicator
# group; membership of that group therefore allows unbounded searches.
limits group="cn=Replicator,ou=Group,dc=example,dc=com"
        size=unlimited
        time=unlimited
# NOTE(review): the overlay is declared after "database bdb", so it applies to
# that database; the module itself is loaded by "moduleload memberof.la" above.
overlay memberof