Hi,
I searched the lists and the Internet, but only a small portion of people seem to have the same problem. So I don't know, what's maybe wrong with my setup. One hint I found at: http://serverfault.com/questions/73213/how-do-i-configure-reverse-group-memb...
I try to use the memberOf overlay in an openldap 2.4.11 (debian lenny) installation. This works so far. But if I'm going to modify a member attribute (add, delete, and modify) this change does not update the memberOf attributes returned. So in case of a deletion, the corresponding attribute memberOf still exists.
Example: dn: cn=example,ou=management,ou=groups,dc=domain changetype: modify delete: member member: cn=my.name,o=uwue,ou=identities,dc=domain
ldapsearch still returns:
# ldapsearch -x -LLL -H ldaps://server:636 -b ou=identities,dc=domain -W -D cn=admin,dc=domain cn=my.name memberOf Enter LDAP Password: dn: cn=my.name,... memberOf: cn=xxx,ou=groups,dc=german-lab,dc=de memberOf: cn=xxy,ou=groups,dc=german-lab,dc=de memberOf: cn=example,ou=management,ou=groups,dc=german-lab,dc=de
=> Does not work
- Restarting the slapd daemon does not help. - Using slapd.conf or cn=config makes no difference
If I remove the complete groupOfNames object and reimport it as a ldif file, the new imported options are respected and correctly updated. But this behavior is very ugly in practice.
So do you have any ideas, what to do?
Thank you very much in advance, Robert Henjes