norbert@pueschel.net wrote:
Updated TAR-file with (hopefully) sufficient copyright notice...
http://www.pueschel.net/openldap/norbert-pueschel-autogroup-27102010.tar
Your code does a string compare againset "memberOf" to detect those filter references. 1) it should simply be comparing the AttributeDescription pointers 2) since the "memberof" attribute is actually configurable in the memberof overlay, there's no guarantee that this is the correct attribute to be looking for. It should also be configurable in your patch.
You're using strcasecmp, but your inputs are already normalized values. You should just use ber_bvcmp.
Replying to the original:
- Using non-DN-valued URIs for autogroup does not work correctly, even
with the latest version from HEAD. Especially changing group member is not tracked.
I don't see why this should ever work or be supported. LDAP groups list DNs.
- Using the memberOf-overlay for constructing autogroups does not work
I don't see any reason why this should work. The memberof overlay is not used to construct groups, it is only used to report on group memberships that have already been defined.