When openldap is configured to make use of the dynlist module it can update the member and memberOf population recursively for nested groups by just quering with a searchfilter memberOf for it.
This should eliminates the need for nested group searches because it returns all memberships Similar: issue: 2409 Can we have a setting to enable this like LDAP_MATCHING_RULE_IN_CHAIN for AD
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue