Hello,
I am trying to use a group of the type "groupOfURLs" within an olcAccess rule. However, I am having trouble getting this to work.
For testing, I use a simple rule like: by set="[cn=test,ou=System,dc=example,dc=local]/member & user" write
where "test" consists of the objectClass "grouOfURLs", with the following query in the "memberURL" attribute: ldap:///ou=Users,dc=example,dc=local??one?(uid=*)
In my understanding, the query is executed when the group's content is requested. And it works; if I use "ldapsearch", I get the expected result. However, if I use this group in the olcAccess rule, it won't work. I tried to use a static group with the objectClass "groupOfMembers", which works.
All I found suggested that I could use a dynamic list within a rule. Am I missing something, or does it simply not work with dynamic lists?
Regards, Souji Thenria