On 09/25/2009 10:40 AM, Alexander 'Leo' Bergolth wrote:
On 09/24/2009 08:43 PM, Howard Chu wrote:
Alexander 'Leo' Bergolth wrote:
Are there any plans to extend the dynlist overlays dynamic group feature to return not the DNs of the matched entries but an attribute of the entries?
As Andreas already posted, this has been a dynlist feature for a long time.
As explained in my previous mail, this functionality isn't covered yet for posixGroups memberUid style setups.
For the records: Actually it seems to be implemented since 2.4.9:
Added slapo-dynlist mapping to dynamic attrs generation (ITS#5466)
http://www.openldap.org/lists/openldap-bugs/200804/msg00087.html
I managed to configure a dynamic posixGroup using the following settings:
-------------------- 8< -------------------- dn: olcOverlay={0}dynlist,olcDatabase={1}bdb,cn=config objectClass: olcDynamicList objectClass: olcOverlayConfig olcOverlay: {0}dynlist olcDlAttrSet: {0}posixGroup labeledURI memberUid:uid -------------------- 8< --------------------
This leads to a remap of uid attributes to memberUid attributes in the dynamic posixGroup.
Now we just have to define a search filter in the labeledURI attribute of the posixGroup: -------------------- 8< -------------------- dn: cn=testposixgroup,ou=LDAPgroups,dc=wu-wien,dc=ac,dc=at objectClass: labeledURIObject objectClass: posixGroup objectClass: top cn: testposixgroup gidNumber: 9999 labeledURI: ldap:///dc=wu-wien,dc=ac,dc=at?uid?sub?(&(objectclass=posixAccount)(testattr=1)) -------------------- 8< --------------------
Cheers, --leo