https://bugs.openldap.org/show_bug.cgi?id=9747
Issue ID: 9747
Summary: dynlist overlay breaks member compare operation for
groups
Product: OpenLDAP
Version: 2.5.8
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: overlays
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
Given the following group:
dn: uid=unxadmin,ou=group,dc=cpp,dc=edu
objectClass: groupOfNames
objectClass: cppGroup
objectClass: posixGroup
uid: unxadmin
cn: Unix Administrators
gidNumber: 17730
member:
member: uid=gkuri,ou=user,dc=cpp,dc=edu
member: uid=henson,ou=user,dc=cpp,dc=edu
memberUid: gkuri
memberUid: henson
and the following dynlist config:
dynlist-attrset groupOfURLs memberURL member+memberOf@groupOfNames
ldap compare operations checking group membership fail erroneously:
# ldapcompare -x -H ldaps://ldap-vmc-01.ldap.cpp.edu/
uid=unxadmin,ou=group,dc=cpp,dc=edu member:uid=henson,ou=user,dc=cpp,dc=edu
FALSE
If the dynlist-attrset configuration is removed, the compare works as expected:
# ldapcompare -x -H ldaps://ldap-vmc-01.ldap.cpp.edu/
uid=unxadmin,ou=group,dc=cpp,dc=edu member:uid=henson,ou=user,dc=cpp,dc=edu
TRUE
--
You are receiving this mail because:
You are on the CC list for the issue.
