Thanks for your reply, I try to explain.
Populating memberOf attribiute to users entry working well using this:
*olcDynListAttrSet: {1}inetOrgPerson labeledURI memberOf*
User entry look as follow:
*dn: uid=test1,ou=people,dc=test,dc=comsambaAcctFlags: [U ]sambaPwdLastSet: 9999999999sambaNTPassword: passo: testsambaSID: S-1-5-21-3945181060-1826002392-430723570pwdPolicySubentry: cn=noexpire,ou=ppolicy,dc=test,dc=comcreateTimestamp: 20220529070624.324Zdescription: User accountuserPassword:: passsambaPwdCanChange: 1528009736sambaPwdMustChange: 0mail: test1@test.com test1@test.comloginShell: /bin/bashgivenName: Test1sambaLogonTime: 0sn: Testcn: Test1 TestobjectClass: posixAccountobjectClass: topobjectClass: inetOrgPersonobjectClass: personobjectClass: organizationalPersonobjectClass: sambaSamAccountobjectClass: shadowAccounthomeDirectory: /home/test1pwdChangedTime: 20220529070856.504ZgidNumber: 1002uidNumber: 1002uid: test1structuralObjectClass: inetOrgPersonentryUUID: 348cd83e-7c6a-103c-8612-1918ce7a0bc4creatorsName: cn=admin,dc=test,dc=comlabeledURI: ldap:///ou=groups,dc=test,dc=com??sub?(|(&(objectclass=groupOfUniqueNames)(uniqueMember=uid=test1,ou=people,dc=test,dc=com))(&(objectClass=posixGroup)(memberUid=test1)))entryCSN: 20220609180738.487916Z#000000#001#000000modifiersName: cn=admin,dc=test,dc=commodifyTimestamp: 20220609180738ZmemberOf: cn=devops,ou=groups,dc=test,dc=comentryDN: uid=test1,ou=people,dc=test,dc=comsubschemaSubentry: cn=SubschemahasSubordinates: FALSE*
Static group entry:
*cn=devops,ou=groups,dc=test,dc=comcn: devopsobjectClass: groupOfUniqueNamesobjectClass: topdescription: devops groupuniqueMember: uid=test1,ou=people,dc=test,dc=comuniqueMember: uid=test2,ou=people,dc=test,dc=com*
Next what I want to do is agregate multiple groups to one virtual using this:
*olcDynListAttrSet: {0}groupOfURLs memberURL member*
Then I create appropiate group:
*cn=testluri,ou=groups,dc=test,dc=comcn: testluriobjectClass: topobjectClass: groupOfURLsdescription: test groupmemberURL: ldap:///ou=people,dc=test,dc=com??sub?(memberOf=cn=devops,ou=groups,dc=test,dc=com)*
but this don't add memeber entry to this group. When I changing memberURL as follow:
*memberURL: ldap:///ou=people,dc=test,dc=com??sub?(|(uid=test1)(uid=test2))*
member attribute was added to testluri group:
*cn=testluri,ou=groups,dc=test,dc=comcn: testluriobjectClass: topobjectClass: groupOfURLsdescription: test groupmemberURL: ldap:///ou=people,dc=test,dc=com??sub?(memberOf=cn=devops,ou=groups,dc=test,dc=com)* *member: uid=test1,ou=people,dc=test,dc=com* *member: uid=test2,ou=people,dc=test,dc=com*
but this is not the goal. As I mentioned I want to agregate multiple group to one using memberOf attribute in memberURL:
*memberURL: ldap:///ou=people,dc=test,dc=com??sub?(memberOf=cn=devops,ou=groups,dc=test,dc=com)*
but this not working. What I'm doing wrong?
Reagrds BS
śr., 29 cze 2022 o 19:17 Quanah Gibson-Mount quanah@fast-mail.org napisał(a):
--On Tuesday, June 28, 2022 12:18 PM +0200 Bog Dan bsiara.cgi@gmail.com wrote:
Hi All, I have problem with dynlist overlay, this is my configuration:
olcOverlay={1}dynlist,olcDatabase={1}mdb,cn=config objectClass: olcOverlayConfig objectClass: olcDynListConfig olcOverlay: {1}dynlist olcDynListAttrSet: {0}groupOfURLs memberURL member olcDynListAttrSet: {1}inetOrgPerson labeledURI memberOf
First I create static group:
cn=devops,ou=groups,dc=test,dc=com cn: devops objectClass: groupOfUniqueNames objectClass: top description: devops group uniqueMember: uid=test1,ou=people,dc=test,dc=com uniqueMember: uid=test2,ou=people,dc=test,dc=com
When I create new dynamic group:
cn=testluri,ou=groups,dc=test,dc=com cn: testluri objectClass: top objectClass: groupOfURLs description: test group memberURL: ldap:///ou=people,dc=test,dc=com??sub?(memberOf=cn=devops,ou=groups,dc=te st,dc=com)
I don't get any member of group. Users test1 and test2 already have memberOf attribute:
memberOf: cn=devops,ou=groups,dc=test,dc=com
When I change memberURL to use not dynamic attributes (memberOf):
memberURL:
ldap:///ou=people,dc=test,dc=com??sub?(|(uid=test1)(uid=test2))
users added to testluri group and dynlist works well. What I should do to configure dynlist with memberOf?
I've read your email multiple times, and quite frankly I don't understand what your end goal is.
If your end goal is to have static groups, where memberOf is dynamically populated on the user entries (which is the usual use case for replacing the 2.4 memberOf), then your configs are clearly incorrect.
Can you better explain what your end goal is?
Thanks, Quanah