Hello,
Thanks I have found the correct documentation, read it 5 times (well english is not natural for me).
So, If I have only static groups should I use only this :
olcDynListAttrSet: myPerson labeledURI myMemberOf@GroupOfNames
What I don’t understand is that from this sentence in the man page ::
If the optional static-oc objectClass is also specified, then the memberOf attribute will also be populated with the DNs of the static groups that an entry is a member of.
Does it means that the labaledURI attr in my myPerson objects has no use ? Or it should return a list of objects of objectClass GroupOfNames that will be used to build the myMemberOf value (thus allowing to restrict the groups where to search for membership ?
f.g.
Le 17 oct. 2022 à 16:25, Quanah Gibson-Mount quanah@fast-mail.org a écrit :
--On Monday, October 17, 2022 4:51 PM +0200 Frédéric Goudal frederic.goudal@bordeaux-inp.fr wrote:
Hello,
We have to install a product which use ldap and that seems to need memberof overlay. As I have read this overlay is deprecated is cause trouble with replication. So I have dug to found a replacement solution, and what I have found is to add something like that :
In the olcDynamicList
olcDlAttrSet: myPerson labeledURI myMemberOf
And in each user <user> :
labeledURI: ldap:///ou=groups,dc=example,dc=com??sub?(&(objectclass=posixgroup) (memberuid=<user>))
It sounds like you're using the older 2.4 based dynlist rather than OpenLDAP 2.5 and later dynlist?
Regards, Quanah
— Frédéric Goudal Ingénieur Système, DSI Bordeaux-INP +33 556 84 23 11