@Pierre, Do you ask me to add an extra ticket next to DIRSERVER-1844? @Emmanuel, I saw your argument against it in that ticket. So I was actually asking for a workaround. Is this a couple of days work for a newbee or for you? I can justify a day or so, but certainly not a week.
regards, On Fri, Jun 14, 2019 at 11:41 AM Pierre Smits <[email protected]> wrote: > > At face value this looks like a value-adding feature. > > @Daan: could you raise a ticket in our JIRA, and elaborate on the > requirements? E.g. reference this thread. A ticket will help in capturing > details, and enables (other) contributors to work on it. > > Best regards, > > Pierre Smits > > *Apache Trafodion <https://trafodion.apache.org>, Vice President* > *Apache Directory <https://directory.apache.org>, PMC Member* > Apache Incubator <https://incubator.apache.org>, committer > *Apache OFBiz <https://ofbiz.apache.org>, contributor (without privileges) > since 2008* > Apache Steve <https://steve.apache.org>, committer > > > On Fri, Jun 14, 2019 at 11:29 AM Emmanuel Lécharny <[email protected]> > wrote: > >> >> On 14/06/2019 11:08, Daan Hoogland wrote: >> > H, >> > I got passed loading users >> >> >> Good ! >> >> >> > and am facing the next point; the memberOf attribute. It is not >> > supposed to be in ADS yet, and as per the latest comment in >> > DIRSERVER-1844 >> > < >> https://issues.apache.org/jira/browse/DIRSERVER-1844?focusedCommentId=16519598&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-16519598> >> >> > will probably not be implemented. Now I am testing against an embedded >> > ADS and need yto operate on a variety of LDAP servers, so I want to >> > have it anyway. Is there a way to hack it in? >> > I looked at the stackoverflow question about this >> > < >> https://stackoverflow.com/questions/11174835/add-memberof-attribute-to-apacheds> >> >> > but after loading the extra schema the warning "Requested attribute >> > memberOf does not exist in the schema, it will be ignored". I don't >> > care for the overhead for now but really need to test this >> functionality. >> >> So the whole idea of having the memberOf attribute implemented is to be >> able, to 'generate' it on the fly ie when searching for entries that are >> member of a 'groupOfNames' entry. A good description is given on >> >> https://www.openldap.org/doc/admin24/overlays.html#Reverse%20Group%20Membership%20Maintenance >> >> >> How to implement that in ApacheDS ? We would need to create a new >> Interceptor that acts upon a search operation by doing a search on >> entries containing the 'member' attribute with a DN associated to the >> entries being returned by the search. If we find some, then we create >> the 'memberOf' attribute and inject the group entry's DN into it. >> >> That is not really complex, except that if you want it to have good >> performance, you need to add an index on the 'member' attribute. >> >> It's a couple of days work, tests included. >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> -- Daan
