Express (Distributed operating systems), v8.0 > Secure applications and their environment > Authenticate users > Select a registry or repository > Manage realms in a federated repository > Virtual member manager > Troubleshoot and Support > Support issues and limitations > LDAP repository issues
Relative distinguished name translation limitation
When two or more LDAP servers are used and the relative distinguished name (RDN) attributes for a particular type of Member are not the same, only one of the RDNs can be used as the virtual member manager RDN.
For example, if cn is the RDN for person in one LDAP server, uid is the RDN for person in another LDAP server, only one of the RDNs can be used as the virtual member manager RDN. If uid is chosen for the virtual member manager RDN, RDN translation is needed between the virtual member manager RDN and the LDAP server whose RDN is cn.
The RDN translation in virtual member manager 6.1 has the limitation that it only works with an LDAP directory information tree (DIT) that does not have:
- a group under a person
- a person under a person
- a person under a group
- a group under a group
Parent topic: LDAP repository issues