Hi Alexandre

1) From slapo-memberof:
SLAPO-MEMBEROF(5)                       File Formats Manual                      SLAPO-MEMBEROF(5)

DESCRIPTION
      ...

      Note  that  this  overlay  is deprecated and support will be dropped in future OpenLDAP re‐
      leases. Installations should use the dynlist overlay  instead.  Using  this  overlay  in  a
      replicated environment is especially discouraged.

2) as far as I remember, memberof needs refint module too...

Not sure about refint, but ..

#### memberof
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: memberof
olcModuleLoad: refint
olcModuleLoad: back_monitor

dn: olcOverlay=memberof,olcDatabase={1}mdb,cn=config
objectClass: olcConfig
objectClass: olcMemberOf
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: memberof
olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf

dn: olcOverlay=refint,olcDatabase={1}mdb,cn=config
objectClass: olcConfig
objectClass: olcOverlayConfig
objectClass: olcRefintConfig
objectClass: top
olcOverlay: refint
olcRefintAttribute: memberof
olcRefintAttribute: member
olcRefintAttribute: manager
olcRefintAttribute: owner

Hope it helps you.

Em qua., 7 de ago. de 2024 às 15:10, <awoestmann@intevation.de> escreveu:
Hi everyone,

i am trying to set up a OpenLDAP  (2.6.7 in a Ubuntu noble container) with the memberOf Overlay activated. Adding the users and groups seems to work fine but i was not yet able to activate the overlay and query the memberships of a given user.

I am using the following ldif to load the overlay:

dn: cn=module,cn=config
cn: module
objectClass: olcModuleList
olcModuleLoad: memberof
olcModulePath: /usr/lib/ldap

dn: olcOverlay={0}memberof,olcDatabase={1}mdb,cn=config
objectClass: olcConfig
objectClass: olcMemberOf
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: memberof
olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf

The config is added using "slapadd -n0 -l /path/to/ldif", after that i add the users using slapadd.
To check if the overlay works i am trying to query the memberOf attribute using ldapvi: "ldapvi --discover "(uid=exampleUid)" memberOf"

Does anyone has a hint for me what i am doing wrong?

Best regards,
Alexander


--
Paulo Ricardo Bruck 
011 98140-9184 (Whatsup/vivo)
011 94184-3433 (vivo)