On Thu, Mar 16, 2023 at 03:22:25PM +0100, Andreas Ladanyi wrote:
Hi,
i changed my config a bit but it doesnt work.
i dont have a dynamic group. Yes i configured a dynamic list. We want to add the memberOf attribute to user entries.
We have static groups with objectclass "groupofnames" which contain the DN of users with attribute "member=uid=name,............"
The user entries contain the attribute labeledURI=ldap:///BASE_DN?entryDN?sub?(&(objectClass=groupOfNames)(member=uid=name,..........))
So the DNs of all the static groupofname groups which a user is a member of should be returned by the dynlist URI expansion.
The dynlist modul should map the entryDNs of the expansion to memberOf and the memberOf attribute should be delivered with the user entry output when ldapsearch:
dynlist-attrset labeledURIObject labeledURI memberOf:entryDN
ldapsearch -H ldap://LDAP_Server -s sub -b BASE_DN '(|(uid=username))' memberOf
ldapsearch with no result.
Hi, is there a reason you don't just follow what the dynlist manpage says for static groups?
e.g. dynlist-attrset groupOfURLs memberURL member+memberOf@groupOfNames
That way you can get rid of having to set labeledURI on each of the users as well...
Regards,