At face value this looks like a value-adding feature. @Daan: could you raise a ticket in our JIRA, and elaborate on the requirements? E.g. reference this thread. A ticket will help in capturing details, and enables (other) contributors to work on it.
Best regards, Pierre Smits *Apache Trafodion <https://trafodion.apache.org>, Vice President* *Apache Directory <https://directory.apache.org>, PMC Member* Apache Incubator <https://incubator.apache.org>, committer *Apache OFBiz <https://ofbiz.apache.org>, contributor (without privileges) since 2008* Apache Steve <https://steve.apache.org>, committer On Fri, Jun 14, 2019 at 11:29 AM Emmanuel Lécharny <[email protected]> wrote: > > On 14/06/2019 11:08, Daan Hoogland wrote: > > H, > > I got passed loading users > > > Good ! > > > > and am facing the next point; the memberOf attribute. It is not > > supposed to be in ADS yet, and as per the latest comment in > > DIRSERVER-1844 > > < > https://issues.apache.org/jira/browse/DIRSERVER-1844?focusedCommentId=16519598&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-16519598> > > > will probably not be implemented. Now I am testing against an embedded > > ADS and need yto operate on a variety of LDAP servers, so I want to > > have it anyway. Is there a way to hack it in? > > I looked at the stackoverflow question about this > > < > https://stackoverflow.com/questions/11174835/add-memberof-attribute-to-apacheds> > > > but after loading the extra schema the warning "Requested attribute > > memberOf does not exist in the schema, it will be ignored". I don't > > care for the overhead for now but really need to test this functionality. > > So the whole idea of having the memberOf attribute implemented is to be > able, to 'generate' it on the fly ie when searching for entries that are > member of a 'groupOfNames' entry. A good description is given on > > https://www.openldap.org/doc/admin24/overlays.html#Reverse%20Group%20Membership%20Maintenance > > > How to implement that in ApacheDS ? We would need to create a new > Interceptor that acts upon a search operation by doing a search on > entries containing the 'member' attribute with a DN associated to the > entries being returned by the search. If we find some, then we create > the 'memberOf' attribute and inject the group entry's DN into it. > > That is not really complex, except that if you want it to have good > performance, you need to add an index on the 'member' attribute. > > It's a couple of days work, tests included. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
