Re: (ITS#8148) exattrs=memberOf in consumer causes removal of memberOf attributes

Tuesday, 19 May 2015

alexoz66(a)gmail.com wrote:
...
 Full_Name: John Alex.
 Version: 2.4.40
 OS: FreeBSD 9.3
 URL: ftp://ftp.openldap.org/incoming/
 Submission from: (NULL) (176.58.252.240)

 I have a consumer configured with slapo-memberof and exattrs=memberof in order
 to keep track of group memberships locally as suggested in the manpages. This
 works ok when adding/deleting users to groups, but when a user entry containing
 "memberOf" values is modified, those values are deleted in the consumer.
 According to ITS#7400, exattrs=memberOf is necessary to avoid getting this
 attribute from the provider. 
I see nothing in ITS#7400 that even mentions exattrs. In fact there's nothing 
conclusive in ITS#7400 at all, it only says the issue should be taken up on 
the -devel mailing list and needs new design work.

...
 However, it was suggested to me to remove
 "memberOf" from exattrs, which I did and now everything seems to work fine.

 In any case, even if exattrs=memberof is not needed anymore, it should not have
 any effect to the local slapo-memberof operations. 
Sorry, that doesn't follow. Adding settings will invariably change some server 
behavior. Adding a setting that you didn't need generally turns a working 
config into a broken config.

...
 See also:
http://www.openldap.org/lists/openldap-technical/201505/msg00124.html 

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006