Re: Help using the memberOf overlay

Hi Alexandre

1) From slapo-memberof: SLAPO-MEMBEROF(5) File Formats Manual SLAPO-MEMBEROF(5)

DESCRIPTION ...

Note that this overlay is deprecated and support will be dropped in future OpenLDAP re‐ leases. Installations should use the dynlist overlay instead. Using this overlay in a replicated environment is especially discouraged.

2) as far as I remember, memberof needs refint module too...

Not sure about refint, but ..

#### memberof dn: cn=module{0},cn=config changetype: modify add: olcModuleLoad olcModuleLoad: memberof olcModuleLoad: refint olcModuleLoad: back_monitor

dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config objectClass: olcConfig objectClass: olcMemberOf objectClass: olcOverlayConfig objectClass: top olcOverlay: memberof olcMemberOfDangling: ignore olcMemberOfRefInt: TRUE olcMemberOfGroupOC: groupOfNames olcMemberOfMemberAD: member olcMemberOfMemberOfAD: memberOf

dn: olcOverlay=refint,olcDatabase={1}mdb,cn=config objectClass: olcConfig objectClass: olcOverlayConfig objectClass: olcRefintConfig objectClass: top olcOverlay: refint olcRefintAttribute: memberof olcRefintAttribute: member olcRefintAttribute: manager olcRefintAttribute: owner

Hope it helps you.

Em qua., 7 de ago. de 2024 às 15:10, awoestmann@intevation.de escreveu:

Hi everyone,

i am trying to set up a OpenLDAP (2.6.7 in a Ubuntu noble container) with the memberOf Overlay activated. Adding the users and groups seems to work fine but i was not yet able to activate the overlay and query the memberships of a given user.

I am using the following ldif to load the overlay:

dn: cn=module,cn=config cn: module objectClass: olcModuleList olcModuleLoad: memberof olcModulePath: /usr/lib/ldap

dn: olcOverlay={0}memberof,olcDatabase={1}mdb,cn=config objectClass: olcConfig objectClass: olcMemberOf objectClass: olcOverlayConfig objectClass: top olcOverlay: memberof olcMemberOfDangling: ignore olcMemberOfRefInt: TRUE olcMemberOfGroupOC: groupOfNames olcMemberOfMemberAD: member olcMemberOfMemberOfAD: memberOf

The config is added using "slapadd -n0 -l /path/to/ldif", after that i add the users using slapadd. To check if the overlay works i am trying to query the memberOf attribute using ldapvi: "ldapvi --discover "(uid=exampleUid)" memberOf"

Does anyone has a hint for me what i am doing wrong?

Best regards, Alexander