Sometimes I have also found it necessary to go to the group, e.g. gidNumber = 501, and click “Add new attribute” and then select “memberUid” in the dropdown and type your user id (eg. “dotieno”) in the value field and click “Update object”.
Then afterwards you can use the “modify group members”-link that appears under “memberUid” to manage the users in that group…
Many many thanks Emil.I have created my users some with gidNumber=501,others with gidNumber=500 ,one with gidNumber=507 and one with gidNumber=503
The only one that is able to log in to the server is the one with the gidNumber=503 all the others i get an error message username or password is in correct
The credentials that are able to log in can only synch tables what happens to the other operations
How do I move ahead
Please guide
Attached is the interface after login as gidNumber=503
Hi Duncan,
That’s strange…
Could you try resetting the user in the 501-group to a super simple password (to rule out problems related to character sets)? Also - what is the exact error message that is shown when you try to log-in?
If it is unable to validate the password, that can sometimes also mean that there was a crash in the openldap-container, so in that case you can try the following command and have a look at the uptime column (i.e. if the openldap container crashes, it restarts automatically - in which case it will have a significantly shorter uptime than the other containers);
docker ps
Out of curiousity - how big is the machine/vm that you are running the sync endpoint on? I have sometimes run into problems with the openldap container crashing mysteriously when I try to run the sync endpoint on (virtual) hardware with too little RAM etc (I personally think that 2gb ram is the minimum for openldap to run, although I don’t know the official requirements for that)
Oh - and I forgot to mention the simple but sometimes effective trick to just restart docker;
If you are on an ubuntu 20.* flavored linux you could write something like:
Many many thanks @Emil
Followed your guide and now am successful on this
I have created 2 users:
1 with role_synchronize_tables and the other with role_administer_tables
Do I still need to create other users with other roles or am ready to go with the 2 users
Great. I’m happy to hear it worked out.
I normally have one user with role_administer_tables and one role_super_user, but that really depends on your work process. Sometimes it is good to use users that do not have the role_administer_tables for data entry officers.
@elmps2018 Perhaps we should improve the documentation around what roles are recommended for each user type?