On 05/24/10 01:11 PM, Howard Chu wrote:
Ian Collins wrote:
On 05/23/10 09:21 PM, Howard Chu wrote:
Don't use dynamic groups then. Use autogroups.
Is there any documentation of autogroup or how to debug it?
I've read the README, build the module and updated my config thus:
dn: cn={8}dyngroup,cn=schema,cn=config
<stuff> olcObjectClasses: {0}( NetscapeLDAPobjectClass:33 NAME 'groupOfURLs' SUP top S TRUCTURAL MUST cn MAY ( memberURL $ businessCategory $ description $ o $ ou $ owner $ seeAlso $ member ) )
dn: cn=module{1},cn=config objectClass: olcModuleList cn: module{1} olcModulePath: /opt/local/libexec/openldap olcModuleLoad: {0}dynlist.la olcModuleLoad: {1}memberof.la olcModuleLoad: {2}auditlog.la olcModuleLoad: {3}autogroup.la
dn: olcOverlay={2}autogroup,olcDatabase={1}hdb,cn=config objectClass: olcOverlayConfig objectClass: olcAutomaticGroups olcOverlay: {2}autogroup olcAGattrSet: {0}groupOfURLs memberURL member
But it doesn't appear to be working.
What have you done to test it? As the README says, it operates when a write operation occurs that may affect the membership of a given group.
Yes it does, I was was using the wrong search (searching on uniqueMember, not member).
The README states the <member-ad> part of the olcAGattrSet is fixed, this appears to be the case as I can't get uniqueMember to work.