Express (Distributed operating systems), v8.0 > Secure applications and their environment > Authenticate users > Select a registry or repository > Manage realms in a federated repository > Virtual member manager > Troubleshoot and Support > Support issues and limitations > LDAP repository issues
Some LDAP servers do not support nested entities
Some LDAP servers do not allow all entity types to be created under all entity types.
To create an entity type under an entity type that LDAP doesn't support, then you need to modify the schema.
For example, to create a group under a group in Active Directory, by default, the operation is not supported. The object class group needs to be added as one of the superior object classes for groups.
Example
Following is an example on how to do this on Active Directory:
- Open Active Directory Schema Editor.
- Select Classes.
- Select the object class to create (for example, group)
- Select Relationship tab.
- Select the object class of the parent (for example, group)
- Click the Add Superior button.
- Click OK.
Parent topic: LDAP repository issues