According to this post http://blog.oddbit.com/post/2013-07-22-generating-a-membero/ it is possible to use a strategy for generating a memberOf attribute for posixGroups (dynlist module).

This need arose for a legacy OpenLDAP LDAP and with several applications using it.

So, this seems to me the best solution to be able to use the memberOf as a filter.

NOTE: Complete information about the problem here https://stackoverflow.com/questions/68583838/ldap-add-a-filter-to-an-ldap-url-so-that-only-users-belonging-to-a-certain-gro ).

QUESTION: Has anyone tested/used the procedure in the post http://blog.oddbit.com/post/2013-07-22-generating-a-membero/ ? Ie, generating a memberOf attribute for posixGroups (dynlist module)?

What I have for group OU and user OU is what goes below...

GROUP

```
cn:
accessgroup

gidNumber:
1004

memberUid:
usera
userb
userc
userd
usere
userf
userg
userh
useri

objectClass:
top
posixGroup
```

USERS

```
cn:
User Letter A

gecos:
User Letter A

gender:
M

gidNumber:
544

givenName:
User

gotoLastSystemLogin:
01.01.1970 00:00:00

homeDirectory:
/home/usera

loginShell:
/bin/bash

mail:
user.letter.a@domain.abc.de

objectClass:
top
person
organizationalPerson
inetOrgPerson
gosaAccount
posixAccount
shadowAccount
sambaSamAccount

[...]

uid:
usera

uidNumber:
1004

[...]
```

Thanks! =D

Eduardo Lúcio

Tecnologia, Desenvolvimento e Software Livre

LightBase Consultoria em Software Público

eduardo.lucio@lightbase.com.br

+55-61-3347-1949 - http://brlight.org - Brasil-DF

Software livre! Abrace essa idéia!

"Aqueles que negam liberdade aos outros não a merecem para si mesmos."

Abraham Lincoln