Re: [Lam-public] Mass editing of records?

Fri, 30 May 2025 11:52:35 -0700 

Hi Dave,
memberOf is a virtual attribute. There is no need to set it yourself. It is automatically filled by the overlays. In LAM's tree view you can see "memberOf" as part of the internal attributes. 
Here is a sample for the dynlist config:

dn: olcOverlay={3}dynlist,olcDatabase={1}mdb,cn=config
objectclass: olcOverlayConfig
objectclass: olcDynamicList
olcdynlistattrset: {0}groupOfURLs memberURL member+memberOf@groupOfNames
olcdynlistattrset: {1}nisMailAlias labeledURI
olcoverlay: {3}dynlist


Best regards
Roland


Am 29.05.25 um 22:06 schrieb Dave Hayes:

So I've been porting a legacy LDAP database from old Mac OS X to OpenLDAP. (I
know some of you will stop reading here in memory of high frustration ... lol).

Most group LDAP records I have look like this:

   #### DN: cn=training,cn=groups,dc=mycompany,dc=com
      cn => [ training ]
      gidNumber => [ 100 ]
      memberUid => [ alice, bob, carla, dave ],
      objectClass => [ apple-group,extensibleObject,posixGroup,top ]

For various reasons, I need a memberOf attribute to work from OpenLDAP for
these groups on user records. This has been a pain point.

First, the memberOf overlay (which appears to be deprecated) requires me to
read in and write out all the user records. I didn't know how to do that in Lam
PRO, so my first question is of course ... how would I just read in and write
out all the user records so OpenLDAP will attach the proper memberOf attribute?

Next, in consideration of trying to support myself, I found the dynlist overlay.
At first glance, this is likely the more correct way to go since it observes
the single source of truth idea and does not duplicate the group membership
data. However, that seems to (after much research) require me to take the
memberUid array and convert it to a memberURL entry for each value in the
memberUid array.

This brings me to my second question: Can LAM Pro do that?

My final question is: Is there something I am missing here?  I am not new to
computer science but I am rather new to LDAP.

Thanks for any cogent replies.




_______________________________________________
Lam-public mailing list
Lam-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lam-public

Reply via email to