The groupOfNames objectclass is becoming more and more required for proper authorization (ie: Joomal LDAP plugins assume an MSAD, which trickles down to the memberOf and member attributes existing). Unfortunately, the groupOfNames lacks the required posixGroup provided attributes for proper interaction in...a POSIX environment. The rfc2307bis.schema changes posixGroup from STRUCTURAL to AUXILIARY, giving us the ability to use both objectclass for a given group. nss_ldap has support for using rfc2307bis, so providing the schema shouldn't trigger a chain of bugs either. From simonrvn on #ldap, I was givent the following link to the schema http://simonraven.kisikew.org/src/ldap/rfc2307bis.schema ...I was unable to find a more 'authoritative' source... Reproducible: Always
I forgot to mention that the RFC2307bis.schema (obviously) supersedes the nis.schema (being RFC2307)... But people using these should already know this ;)
...sigh...ok, so the schema linked above needs the two first entries commented out for the same reason they are commented out in nis.schema; uidNumber and gidNumber are 'builtin' attributes.
Added in 2.4.28-r1.
Reopening, it seems simonraven.kisikew.org has gone offline (no more DNS record). Got any other sources?
The authoritative source is (currently) sections 3 and 4 of http://tools.ietf.org/html/draft-howard-rfc2307bis-02
Ok, I extracted it manually and included in 2.4.31.