On 09/25/2009 10:40 AM, Alexander 'Leo' Bergolth wrote: > On 09/24/2009 08:43 PM, Howard Chu wrote: >> Alexander 'Leo' Bergolth wrote: >>> Are there any plans to extend the dynlist overlays dynamic group feature >>> to return not the DNs of the matched entries but an attribute of the >>> entries? >> As Andreas already posted, this has been a dynlist feature for a long time. > > As explained in my previous mail, this functionality isn't covered yet > for posixGroups memberUid style setups.
For the records: Actually it seems to be implemented since 2.4.9: > Added slapo-dynlist mapping to dynamic attrs generation (ITS#5466) http://www.openldap.org/lists/openldap-bugs/200804/msg00087.html I managed to configure a dynamic posixGroup using the following settings: -------------------- 8< -------------------- dn: olcOverlay={0}dynlist,olcDatabase={1}bdb,cn=config objectClass: olcDynamicList objectClass: olcOverlayConfig olcOverlay: {0}dynlist olcDlAttrSet: {0}posixGroup labeledURI memberUid:uid -------------------- 8< -------------------- This leads to a remap of uid attributes to memberUid attributes in the dynamic posixGroup. Now we just have to define a search filter in the labeledURI attribute of the posixGroup: -------------------- 8< -------------------- dn: cn=testposixgroup,ou=LDAPgroups,dc=wu-wien,dc=ac,dc=at objectClass: labeledURIObject objectClass: posixGroup objectClass: top cn: testposixgroup gidNumber: 9999 labeledURI: ldap:///dc=wu-wien,dc=ac,dc=at?uid?sub?(&(objectclass=posixAccount)(testattr=1)) -------------------- 8< -------------------- Cheers, --leo -- e-mail ::: Leo.Bergolth (at) wu.ac.at fax ::: +43-1-31336-906050 location ::: IT-Services | Vienna University of Economics | Austria
