Hi All, I have a problem with the dynlist overlay. This is my configuration:

olcOverlay={1}dynlist,olcDatabase={1}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcDynListConfig
olcOverlay: {1}dynlist
olcDynListAttrSet: {0}groupOfURLs memberURL member
olcDynListAttrSet: {1}inetOrgPerson labeledURI memberOf

First I create static group:

cn=devops,ou=groups,dc=test,dc=com
cn: devops
objectClass: groupOfUniqueNames
objectClass: top
description: devops group
uniqueMember: uid=test1,ou=people,dc=test,dc=com
uniqueMember: uid=test2,ou=people,dc=test,dc=com

When I create new dynamic group:

cn=testluri,ou=groups,dc=test,dc=com
cn: testluri
objectClass: top
objectClass: groupOfURLs
description: test group
memberURL: ldap:///ou=people,dc=test,dc=com??sub?(memberOf=cn=devops,ou=groups,dc=test,dc=com)

I don't get any member of group. Users test1 and test2 already have memberOf attribute:
memberOf: cn=devops,ou=groups,dc=test,dc=com
When I change memberURL to use not dynamic attributes (memberOf):
memberURL: ldap:///ou=people,dc=test,dc=com??sub?(|(uid=test1)(uid=test2))
users are added to the testluri group and dynlist works well. What should I do to configure dynlist with memberOf?

OpenLDAP 2.5.12

Regards,
BS

--On Tuesday, June 28, 2022 12:18 PM +0200 Bog Dan bsiara.cgi@gmail.com wrote:
> Hi All, I have a problem with the dynlist overlay. This is my configuration:
>
> olcOverlay={1}dynlist,olcDatabase={1}mdb,cn=config
> objectClass: olcOverlayConfig
> objectClass: olcDynListConfig
> olcOverlay: {1}dynlist
> olcDynListAttrSet: {0}groupOfURLs memberURL member
> olcDynListAttrSet: {1}inetOrgPerson labeledURI memberOf
>
> First I create static group:
>
> cn=devops,ou=groups,dc=test,dc=com
> cn: devops
> objectClass: groupOfUniqueNames
> objectClass: top
> description: devops group
> uniqueMember: uid=test1,ou=people,dc=test,dc=com
> uniqueMember: uid=test2,ou=people,dc=test,dc=com
>
> When I create new dynamic group:
>
> cn=testluri,ou=groups,dc=test,dc=com
> cn: testluri
> objectClass: top
> objectClass: groupOfURLs
> description: test group
> memberURL: ldap:///ou=people,dc=test,dc=com??sub?(memberOf=cn=devops,ou=groups,dc=test,dc=com)
>
> I don't get any member of group. Users test1 and test2 already have memberOf attribute:
>
> memberOf: cn=devops,ou=groups,dc=test,dc=com
>
> When I change memberURL to use not dynamic attributes (memberOf):
>
> memberURL: ldap:///ou=people,dc=test,dc=com??sub?(|(uid=test1)(uid=test2))
>
> users are added to the testluri group and dynlist works well. What should I do to configure dynlist with memberOf?

I've read your email multiple times, and quite frankly I don't understand what your end goal is.
If your end goal is to have static groups, where memberOf is dynamically populated on the user entries (which is the usual use case for replacing the 2.4 memberOf), then your configs are clearly incorrect.
Can you better explain what your end goal is?
Thanks, Quanah
openldap-technical@openldap.org