Hello,
Apologies for my bad English, it's not my native langage
I'm toying with openldap 2.5.5 and the dynlist overlay to replace the memberof overlay (since it's the recommanded way to manage the memberof attribute in a replicate environnement).
My configuration for the dynlist overlay is like this :
overlay dynlist dynlist-attrset groupOfURLs memberURL memberOf
If I create a group like this :
dn: cn=GroupB,ou=Groups,dc=appartement,dc=me objectClass: posixGroup objectClass: top objectClass: groupOfNames cn: GroupB member: uid=bob,ou=Users,dc=appartement,dc=me gidNumber: 14056
and a user like this :
dn: uid=bob,ou=Users,dc=appartement,dc=me objectClass: posixAccount objectClass: top objectClass: inetOrgPerson objectClass: shadowAccount objectClass: groupOfURLs [...Attributes omitted for clarity...] givenName: bob sn: bob displayName: bob uid: bob memberURL: ldap:///ou=Groups,dc=appartement,dc=me??sub?(member=uid=bob,ou=Users,dc=appartement,dc=me)
everything works fine, the memberof attribute is generate on the fly if I request it in the search
My "issue" is that my LDAP Client is not capable of creating a posix account with the objectclass groupOfURLs or the memberURL attribute... So when I create a new user, I need to manually edit the user in the database to add the objectclass groupOfURLs and the memberURL, which is very tedious.
Is there a way for openldap to dynamically add theses attributes when a new user is created ? For exemple, my LDAP client send an "Addrequest" with the following attributes :
dn: uid=leon,ou=Users,dc=appartement,dc=me objectClass: posixAccount objectClass: top objectClass: inetOrgPerson objectClass: shadowAccount [...Attributes omitted for clarity...] givenName: leon sn: leon displayName: leon uid: leon
openldap intercept the request, add the following attributes :
objectClass: groupOfURLs memberURL: ldap:///ou=Groups,dc=appartement,dc=me??sub?(member=uid=bob,ou=Users,dc=appartement,dc=me)
and then write the new entry in the database. Is that possible ? I looked at slapo-rwm but I'm not sure if this overlay can add attributes...
Thanks !