Hello all I run openldap on a debian box : root@nova:LdapDeb# slapd -V @(#) $OpenLDAP: slapd 2.3.30 (Mar 9 2007 09:54:28) $ buildd@caballero:/build/buildd/openldap2.3-2.3.30/debian/build/servers/slapd root@nova:LdapDeb# I use the dynlist overlay configurated in slapd.conf like this : overlay dynlist dynlist-attrset groupOfURLs memberURL member The ldif entry : dn: ou=dynUsers,ou=users,ou=portal,ou=Extranet,ou=Exo,o=Eurofer,c=be objectClass: groupOfURLs cn: dynUsers ou: dynUsers memberURL: ldap:///br=Internal,o=Eurofer,c=be?dn?sub?(uid=*) The search does not expand each member: cn=... root@nova:LdapDeb# ldapsearch -x -LLL -b "ou=dynUsers,ou=users,ou=portal,ou=Extranet,ou=Exo,o=Eurofer,c=be" -s base "memberURL=*" dn: ou=dynUsers,ou=users,ou=portal,ou=Extranet,ou=Exo,o=Eurofer,c=be objectClass: groupOfURLs cn: dynUsers ou: dynUsers memberURL: ldap:///br=Internal,o=Eurofer,c=be?dn?sub?(mail=*) If I replace 'dn' by uid all work fine : root@nova:LdapDeb# ldapsearch -x -LLL -b "ou=dynUsers,ou=users,ou=portal,ou=Extranet,ou=Exo,o=Eurofer,c=be" -s base "memberURL=*" dn: ou=dynUsers,ou=users,ou=portal,ou=Extranet,ou=Exo,o=Eurofer,c=be objectClass: groupOfURLs cn: dynUsers ou: dynUsers memberURL: ldap:///br=Internal,o=Eurofer,c=be?uid?sub?(mail=*) uid: dominique uid: freddy uid: valerie ... What is missing in my config ? it is not permitted to return the dn ? Thanks in advance for your help Guy