Fix ldif files: group must contain member.

2 files changed, 13 insertions, 7 deletions

diff --git a/ldap/db/base.ldif.in b/ldap/db/base.ldif.in
index ee28e12..04e39d1 100644
--- a/ldap/db/base.ldif.in
+++ b/ldap/db/base.ldif.in
@@ -59,18 +59,22 @@ dn: ou=Groups,ou=Access Control,@SUFFIX@
 objectClass: organizationalUnit
 ou: Groups
 
-dn: cn=Replicants,ou=Groups,ou=Access Control,@SUFFIX@
-objectClass: groupOfUniqueNames
-cn: Replicants
+# Empty groups not permitted - create as needed instead
+#
+#dn: cn=Replicants,ou=Groups,ou=Access Control,@SUFFIX@
+#objectClass: groupOfUniqueNames
+#cn: Replicants
 
 dn: ou=Administrators,ou=Groups,ou=Access Control,@SUFFIX@
 objectClass: organizationalUnit
 ou: Administrators
 
-dn: cn=DSA,ou=Administrators,ou=Groups,ou=Access Control,@SUFFIX@
-objectClass: groupOfUniqueNames
-cn: DSA
-description: Directory System Agent administrators
+# Empty groups not permitted - create as needed instead
+#
+#dn: cn=DSA,ou=Administrators,ou=Groups,ou=Access Control,@SUFFIX@
+#objectClass: groupOfUniqueNames
+#cn: DSA
+#description: Directory System Agent administrators
 
 dn: ou=Entities,ou=Access Control,@SUFFIX@
 objectClass: organizationalUnit
diff --git a/ldap/mkldapdb b/ldap/mkldapdb
index 697f7cd..7469f5d 100755
--- a/ldap/mkldapdb
+++ b/ldap/mkldapdb
@@ -57,6 +57,8 @@ done
 for section in cipux horde; do
 	ldappasswd -x -h localhost -D "cn=admin,$basedn" -S -W "uid=$section,ou=System,ou=Entities,ou=SAM,$basedn"
 done
+
+# TODO: Write as function, and create group if not existing
 ldapmodify -x -h localhost -D "cn=admin,$basedn" -W <<EOF
 dn: cn=DSA,ou=Administrators,ou=Groups,ou=Access Control,$basedn
 changetype: modify