Thanks for your reply, I try to explain.

Populating memberOf attribiute to users entry working well using this:

olcDynListAttrSet: {1}inetOrgPerson labeledURI memberOf

User entry look as follow:

dn: uid=test1,ou=people,dc=test,dc=com
sambaAcctFlags: [U        ]
sambaPwdLastSet: 9999999999
sambaNTPassword: pass
o: test
sambaSID: S-1-5-21-3945181060-1826002392-430723570
pwdPolicySubentry: cn=noexpire,ou=ppolicy,dc=test,dc=com
createTimestamp: 20220529070624.324Z
description: User account
userPassword:: pass
sambaPwdCanChange: 1528009736
sambaPwdMustChange: 0
mail: test1@test.com
loginShell: /bin/bash
givenName: Test1
sambaLogonTime: 0
sn: Test
cn: Test1 Test
objectClass: posixAccount
objectClass: top
objectClass: inetOrgPerson
objectClass: person
objectClass: organizationalPerson
objectClass: sambaSamAccount
objectClass: shadowAccount
homeDirectory: /home/test1
pwdChangedTime: 20220529070856.504Z
gidNumber: 1002
uidNumber: 1002
uid: test1
structuralObjectClass: inetOrgPerson
entryUUID: 348cd83e-7c6a-103c-8612-1918ce7a0bc4
creatorsName: cn=admin,dc=test,dc=com
labeledURI: ldap:///ou=groups,dc=test,dc=com??sub?(|(&(objectclass=groupOfUniqueNames)(uniqueMember=uid=test1,ou=people,dc=test,dc=com))(&(objectClass=posixGroup)(memberUid=test1)))
entryCSN: 20220609180738.487916Z#000000#001#000000
modifiersName: cn=admin,dc=test,dc=com
modifyTimestamp: 20220609180738Z
memberOf: cn=devops,ou=groups,dc=test,dc=com
entryDN: uid=test1,ou=people,dc=test,dc=com
subschemaSubentry: cn=Subschema
hasSubordinates: FALSE

Static group entry:

cn=devops,ou=groups,dc=test,dc=com
cn: devops
objectClass: groupOfUniqueNames
objectClass: top
description: devops group
uniqueMember: uid=test1,ou=people,dc=test,dc=com
uniqueMember: uid=test2,ou=people,dc=test,dc=com

Next what I want to do is agregate multiple groups to one virtual using this:

olcDynListAttrSet: {0}groupOfURLs memberURL member

Then I create appropiate group:

cn=testluri,ou=groups,dc=test,dc=com
cn: testluri
objectClass: top
objectClass: groupOfURLs
description: test group
memberURL: ldap:///ou=people,dc=test,dc=com??sub?(memberOf=cn=devops,ou=groups,dc=test,dc=com)

but this don't add memeber entry to this group. When I changing memberURL as follow:

memberURL: ldap:///ou=people,dc=test,dc=com??sub?(|(uid=test1)(uid=test2))

member attribute was added to testluri group:

cn=testluri,ou=groups,dc=test,dc=com
cn: testluri
objectClass: top
objectClass: groupOfURLs
description: test group
memberURL: ldap:///ou=people,dc=test,dc=com??sub?(memberOf=cn=devops,ou=groups,dc=test,dc=com)
member: uid=test1,ou=people,dc=test,dc=com
member: uid=test2,ou=people,dc=test,dc=com

but this is not the goal. As I mentioned I want to agregate multiple group to one using memberOf attribute in memberURL:

memberURL: ldap:///ou=people,dc=test,dc=com??sub?(memberOf=cn=devops,ou=groups,dc=test,dc=com)

but this not working. What I'm doing wrong?

Reagrds
BS


śr., 29 cze 2022 o 19:17 Quanah Gibson-Mount <quanah@fast-mail.org> napisał(a):


--On Tuesday, June 28, 2022 12:18 PM +0200 Bog Dan <bsiara.cgi@gmail.com>
wrote:

>
> Hi All,
> I have problem with dynlist overlay, this is my configuration:
>
>
>
> olcOverlay={1}dynlist,olcDatabase={1}mdb,cn=config
> objectClass: olcOverlayConfig
> objectClass: olcDynListConfig
> olcOverlay: {1}dynlist
> olcDynListAttrSet: {0}groupOfURLs memberURL member
> olcDynListAttrSet: {1}inetOrgPerson labeledURI memberOf
>
>
>
> First I create static group:
>
>
> cn=devops,ou=groups,dc=test,dc=com
> cn: devops
> objectClass: groupOfUniqueNames
> objectClass: top
> description: devops group
> uniqueMember: uid=test1,ou=people,dc=test,dc=com
> uniqueMember: uid=test2,ou=people,dc=test,dc=com
>
>
>
> When I create new dynamic group:
>
> cn=testluri,ou=groups,dc=test,dc=com
> cn: testluri
> objectClass: top
> objectClass: groupOfURLs
> description: test group
> memberURL:
> ldap:///ou=people,dc=test,dc=com??sub?(memberOf=cn=devops,ou=groups,dc=te
> st,dc=com)
>
>
>
> I don't get any member of group. Users test1 and test2 already have
> memberOf attribute:
>
> memberOf: cn=devops,ou=groups,dc=test,dc=com
>
>
>
> When I change memberURL to use not dynamic attributes (memberOf):
>
>
> memberURL: ldap:///ou=people,dc=test,dc=com??sub?(|(uid=test1)(uid=test2))
>
>
>
> users added to testluri group and dynlist works well.
> What I should do to configure dynlist with memberOf?

I've read your email multiple times, and quite frankly I don't understand
what your end goal is.

If your end goal is to have static groups, where memberOf is dynamically
populated on the user entries (which is the usual use case for replacing
the 2.4 memberOf), then your configs are clearly incorrect.

Can you better explain what your end goal is?

Thanks,
Quanah