Hey Andreas, Andreas Hasenack wrote: > On Wed, Sep 16, 2009 at 17:42, Ryan Steele <ry...@aweber.com> wrote: >> query returns nothing: >> >> ldapsearch -x -w SECRET -D "cn=admin,dc=example,dc=com" -b >> "cn=testgroup,ou=Groups,dc=example,dc=com" -LLL '(uid=user1)' > > > This filter doesn't look right. Try > "(member=uid=user1,ou=Users,dc=example,dc=com)" > >> ldapsearch -x -w SECRET -D "cn=admin,dc=example,dc=com" -b "cn=testgroup >> ou=Groups,dc=example,dc=com" -LLL >> dn: cn=testgroup,ou=Groups,dc=example,dc=com >> ou: Groups >> cn: testgroup >> objectClass: groupOfURLs >> memberURL: >> ldap:///ou=Users,dc=example,dc=com?uid?sub?(&(employeeType=Developer >> )(objectClass=exampleEmployee)) >> member: uid=user1,ou=Users,dc=example,dc=com >> member: uid=user2,ou=Users,dc=example,dc=com >> member: uid=user3,ou=Users,dc=example,dc=com
Thanks for the advice - I think you're right about filtering on the 'member' attribute. However, doing so still returns the entire list, not the individual member I'm filtering for. E.g., the same results as: ldapsearch -x -w SECRET -D "cn=admin,dc=example,dc=com" -b "cn=testgroup,ou=Groups,dc=example,dc=com" -LLL '(member=*)' At an even more basic level, something like this should work too, but it returns nothing: ldapsearch -x -w SECRET -D "cn=admin,dc=example,dc=com" -b "cn=testgroup,ou=Groups,dc=example,dc=com" -LLL member I'm not quite sure how to explain this behavior, given the implications made in the following two posts which indicate that I should be able to use dynamically generated attributes as filter expressions: http://www.openldap.org/lists/openldap-software/200802/msg00211.html http://www.openldap.org/lists/openldap-software/200812/msg00038.html Also, in the earlier ITS filed for the autogroup contrib overlay, it states that for searches and compares, it should behave like a static group, bolstering that supposition: http://www.openldap.org/lists/openldap-bugs/200709/msg00128.html So, should I be searching for a bug (which was the premise for the OP), or has the behavior of autogroup changed since its inception? As always, many thanks for any and all advice! Respectfully, Ryan
