Thanks for the answer Michael!!!
My slapd.conf in attach.
I followed precisely the tip that you gave me at the link below: http://www.openldap.org/doc/admin24/overlays.html#Reverse%20Group%20Membersh...
When I run: *ldapsearch -LL -Y EXTERNAL -H ldapi:/// "(uid=test1)" -b dc=my,dc=company,dc=br memberOf*
only shows me: *dn: uid=test1,ou=People,dc=my,dc=company,dc=br*
Not show the *memberOf: cn=testgroup,ou=Group,dc=my,dc=company,dc=br*
I may have forgotten something?
On Sun, Sep 18, 2016 at 7:26 AM, Michael Ströder michael@stroeder.com wrote:
Elias Pereira wrote:
For a new group that I create, memberof is set automatically, ok?
slapo-memberof intercepts write operations to group entries and updates member entries at that time.
Note that the member entry must exist of course for this to succeed.
Also note that you have to run slapo-memberof on all replicas because attribute 'memberOf' is *not* replicated.
But the groups that I already have on my base. How would I do to "enable" the memberof option?
Modify the group entry.
Ldap accou manager maybe do that?
Client tools should not muck with attribute 'memberOf' (unless your 200% sure what you're doing).
Ciao, Michael.