On Mon, Mar 13, 2023 at 10:58:12AM +0100, Andreas Ladanyi wrote:
Hi,
after upgrade from 2.5.13->2.5.14 i cant get any search result from slapd when filtering for specific memberOf=value. If i downgrade back to slapd 2.5.13 all is working again.
It doesnt work with ldapsearch nor with sssd-ldap modul when filtering entities with a specific memberOf=Value:
ldapsearch -o ldif-wrap=no -LLL -x -ZZ -H ldap://ldap-server -b OUR_BASE_DN '(memberOf=.........)' memberOf uid
ldapsearch shows the entities with memberOf attribute and the memberOf value if i search without a specific memberOf value in the filter:
ldapsearch -o ldif-wrap=no -LLL -x -ZZ -H ldap://ldap-server -b OUR_BASE-DN memberOf
The dynlist config is:
dynlist-attrset labeledURIObject labeledURI memberOf
Hi Andreas, I'm pretty sure you configured a dynamic list (whose behaviour has been tightened recently) that you're using as a dynamic group. See the slapo-dynlist manpage for an example how we recommend setting this up.
Regards,