How-to-install PWM-Password-Management with Nethserver


PWM install relay on memberOf attribute which is not activate by default with Nethserver.
You need to load the module «» into the LDAP.

You don’t have to worry much as you already got all you need on your local Nethserver.
The only thing you have to do is to activate it by command-line

dn: cn=module{1},cn=config
changetype: modify
add: olcModuleLoad

Then use the command to load this module into your LDAP.

ldapmodify -Y EXTERNAL <<EOF
dn: cn=module{1},cn=config
changetype: modify
add: olcModuleLoad
add: olcModuleLoad
olcModuleLoad: refint
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifying entry "cn=module{1},cn=config"

Then we need to configure this module with two files :

Files memberofmodule.ldiff

dn: olcOverlay={0}memberof,olcDatabase={2}hdb,cn=config
objectClass: olcConfig
objectClass: olcMemberOf
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: memberof
olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf

File refintmodule.ldif

dn: olcOverlay={1}refint,olcDatabase={2}hdb,cn=config
objectClass: olcConfig
objectClass: olcOverlayConfig
objectClass: olcRefintConfig
objectClass: top
olcOverlay: {1}refint
olcRefintAttribute: memberof member manager owner

Now if you create an account throught the gui you will not see any memberof attribute on your usersr. Why ?
Because Nethserver use PosixGroups as basic objectClass and PosixGroups don’t support this attribute.
So how can i manage to finaly get my memberof attributes ?

Just create your groups manualy using ldapadmin for a webinterface or directly with the command line.
I used this ldif file as references:

dn: cn=mygroup,ou=groups,dc=example,dc=com
objectClass: groupofnames
cn: mygroup
description: All users
member: uid=john,ou=people,dc=example,dc=com

I will edit this post to finish the setup properly. Stay tuned