Ian Collins wrote:
Hello,This is my first post here, so if I'm going over old ground, please let me know (I have searched). I have looked through the archives and reached the conclusion that there isn't a convenient means of searching for groups based on a dynamic entry. For example, if I have a dynlist entry containing olcDlAttrSet: {0}groupOfURLs memberURL uniqueMember uniqueMember is dynamically added to search results, but can't be part of the search. Is this conclusion correct?
Yes.
I am migrating a client over from Sun's directory manager (which does allow searching on dynamic attributes) to OpenLDAP, so I have to support all the client applications that currently authenticate against and use LDAP. For example: filter="(&(objectClass=posixGroup)(uniqueMember=cn=Admins,ou=groups,o=staff,dc=company))" attrs="gidNumber"
Don't use dynamic groups then. Use autogroups. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
