https://bugs.openldap.org/show_bug.cgi?id=10188
Issue ID: 10188 Summary: autogroup doesn't allow a group to be a member of another group Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: contrib Assignee: bugs@openldap.org Reporter: ondra@mistotebe.net Target Milestone: ---
Try setting up autogroup (autogroup-attrset groupOfURLs memberURL member) and loading the following ldif. You'll notice that neither group is marked as a member:
dn: cn=test objectClass: device
dn: cn=group,cn=test objectClass: mygroupOfURLs memberURL: ldap:///cn=test??sub?(description=a member) memberURL: ldap:///cn=test??sub?(description=I'm in) description: a member
dn: cn=member,cn=test objectClass: device description: I'm in
dn: cn=another,cn=test objectClass: mygroupOfURLs memberURL: ldap:///cn=test??sub?(objectclass=groupOfURLs) description: I'm in
Just set up mygroupOfURLs with at least a MAY that includes "cn $ description $ member $ memberURL" somehow, e.g.
objectClass ( NetscapeLDAPobjectClass:33.1 NAME 'mygroupOfURLs' SUP groupofurls STRUCTURAL MAY member )
https://bugs.openldap.org/show_bug.cgi?id=10188
--- Comment #1 from Ondřej Kuzník ondra@mistotebe.net --- Interestingly, enabling memberof overlay seems to hide this issue (at least sometimes).
https://bugs.openldap.org/show_bug.cgi?id=10188
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |CONFIRMED Ever confirmed|0 |1
--- Comment #2 from Howard Chu hyc@openldap.org --- Going to document this as a limitation - autogroups cannot contain other autogroups.
https://bugs.openldap.org/show_bug.cgi?id=10188
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|CONFIRMED |IN_PROGRESS
--- Comment #3 from Howard Chu hyc@openldap.org --- https://git.openldap.org/openldap/openldap/-/merge_requests/694
If the wording is unclear, please suggest improvements.
https://bugs.openldap.org/show_bug.cgi?id=10188
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs@openldap.org |hyc@openldap.org Keywords|needs_review | Target Milestone|--- |2.5.18
https://bugs.openldap.org/show_bug.cgi?id=10188
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|2.5.18 |2.6.8
https://bugs.openldap.org/show_bug.cgi?id=10188
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED
--- Comment #4 from Quanah Gibson-Mount quanah@openldap.org --- head:
• cb399d63 by Howard Chu at 2024-03-19T17:36:56+00:00 ITS#10188 autogroup: cleanup autogroup_response
• e62c5d80 by Howard Chu at 2024-03-20T14:23:52+00:00 ITS#10188 autogroup: allow groups to be members of other groups
RE26:
• 9b3caaf7 by Howard Chu at 2024-03-26T17:05:33+00:00 ITS#10188 autogroup: cleanup autogroup_response
• dab86ede by Howard Chu at 2024-03-26T17:05:45+00:00 ITS#10188 autogroup: allow groups to be members of other groups
https://bugs.openldap.org/show_bug.cgi?id=10188
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED
-
openldap-its@openldap.org