Are there any plans to extend the dynlist overlays dynamic group feature to return not the DNs of the matched entries but an attribute of the entries?
This would be useful for defining dynamic groups based on posixGroup (which need only the username, not the full DN) and populating them with entries from posixAccounts.
If the dynlist-attrset could be extended by one parameter like:
dynlist-attrset <group-oc> <URL-ad> [<member-ad>] [<result-ad>]
... where the additional parameter specifies the attribute that should be returned from the search results, a dynamic posixGroup could be configured like that:
dynlist-attrset myposixGroup memberURL memberUid uid
with a search filter like that:
ldap:///ou=users,dc=local,dc=site??sub?(&(objectClass=posixAccount)(<searchfilter>))
I.e. "take the uid attribute of the matched entries and add them as memberUid."
Could this extension be easily implemented?
Is there currently any workaround? E.g. a way to dynamically add a memberUid to each posixAccount that contains the same data as the uid attribute? If that works, a filter like ldap:///ou=users,dc=local,dc=site?memberUid?sub?(&(objectClass=posixAccount)(<searchfilter>)) ... could work.
Thanks in advance, --leo