Ah!! I got it to work!
So what i did:
Ok, so i rebuilt but without the msuser.ldif schema. (my reasoning was because the memberof attribute was there ....but thought it was interesting that the overlay for dynlist included memberof...) https://www.openldap.org/software/man.cgi?query=slapo-dynlist&apropos=0&...
Added the dyngroup.ldif schema instead. Added the dynlist module
dn: cn=module,cn=config objectClass: olcModuleList cn: module olcModulePath: /opt/symas/lib/openldap/ olcModuleLoad: dynlist.la
Added the dynlist overlay:
dn: olcOverlay=dynlist,olcDatabase={1}mdb,cn=config objectClass: olcOverlayConfig objectClass: olcDynListConfig olcOverlay: dynlist olcDynListAttrSet: groupOfURLs memberURL member+memberOf@groupOfNames
Now i can do a simple ldapsearch:
ldapsearch -xLLL uid=davetest memberof dn: uid=davetest,ou=People,dc=domain,dc=net memberOf: cn=config,ou=group,dc=domain,dc=net memberOf: cn=netbox,ou=group,dc=domain,dc=net
Hope this makes sense and i did it right :D
@Saša-Stjepan Bakša ssbaksa@gmail.com FYI
Now to try with MMR
Thanks, Dave
On Mon, Aug 30, 2021 at 4:14 AM Saša-Stjepan Bakša ssbaksa@gmail.com wrote:
On Sun, 29 Aug 2021 at 16:50, Dave Macias davama@gmail.com wrote:
Thank you for the input!
Ive been researching it a bit. As far as I understand, dynlist “allows for expansion of dynamic groups and more” (from the man). Also, I'm assuming that dynlist also works well with MMR syncrepl, yes? (Since memberof didnt)
I only have static groups. Googling around showed that you can also use it against static groups…if I understood it correctly.
Would this overlay config help me for expanding against static groups using rfc2307bis schema?
dn: olcOverlay=dynlist,olcDatabase=mdb,cn=config objectClass: olcOverlayConfig objectClass: olcDynListConfig olcOverlay: dynlist olcDynListAttrSet: member
Thank you!
Hi David,
I have similar situation and also a replicated environment. I am using posixGroup only and never had any need for a memberOf attribute. But now, my devs have a software which insists on that attribute so I should provide it for them. I have just started with testing it but don't have any result at this time, so if you solve it before me please post here what you did. Or you can email me directly if you prefer that.
Br,
Saša