[CalendarServer-users] Errors with group based access control

Josh Wisenbaker macshome at afp548.com
Thu Dec 14 13:04:37 PST 2006

On Thu, December 14, 2006 12:45 pm, Frank Strauß wrote:
> Frank Strauß wrote:
>  > [...]
>> Where did you take the OID from? Is it
>> kind of official? Does it matter in any way which OID we use (as long as
>> we are testing it in our own environments)?
>> What values do you put into calendarPrincipalURI attributes? Full URIs
>> with a "http://cal.example.com:8008" prefix or just something like
>> "/principals/user/josh"?
> [Continuing to talk to myself... :-)]
> I got the LDAP backend running now. Cool. ;-) To share the answers to my
> questions with others that could be interested...

You have it getting principals from LDAP?

> I use another OID from our organization's own namespace. So it seems the
> OID does not matter wrt the LDAP protocol. However, namespace conflicts
> should be avoided, of course.
> I use "local" principal URIs like "/principal/user/strauss".
> Minor note for people not using Apple's OD, but any other LDAP server:
> Your entries have to have apple-generateduid attributes. For now, I use
> something like "DEADBEEF-0000-0000-0002-000000001801" (just filling in
> the Posix UID/GID at then end to achieve uniqueness), but like the OID
> question, I should probably make sure how to do it "correctly".

You can use uuidgen to make new UUIDs.

Josh Wisenbaker
U, U, D, D, L, R, L, R, B, A, Start for your server

More information about the calendarserver-users mailing list