Am Tue, 31 Jul 2012 08:16:39 -0400 schrieb Patrick Hemmer <[email protected]>:
> Sent: Tue Jul 31 2012 02:55:05 GMT-0400 (EDT) > From: Dieter Klünter <[email protected]> > To: [email protected] > Subject: Re: Issue with dynlist overlay > > Am Mon, 30 Jul 2012 12:52:22 -0400 > > schrieb Patrick Hemmer<[email protected]>: > > > >> So I just ran across an undocumented issue with slapo-dynlist. I'm > >> not sure if this is a bug, or just missing in the documentation. > >> > >> The issue is that if the entry being dynamically added to the > >> parent entry has the objectClass slapo-dynlist is configured to > >> use, that entry is not dynamically added to the parent. > >> For example: > >> ---- > >> olcOverlay=dynlist,olcdatabase=hdb,cn=config > >> objectClass: olcDynamicList > >> objectClass: olcOverlayConfig > >> olcDlAttrSet: groupOfURLs memberUrl > >> ---- > >> dn: cn=parent,dc=example,dc=com > >> objectClass: groupOfNames > >> objectClass: groupOfURLs > >> member: uid=foo,dc=example,dc=com > >> memberUrl: ldap:///cn=child,dc=example,dc=com > >> > >> dn: cn=child,dc=example,dc=com > >> objectClass: groupOfNames > >> objectClass: groupOfURLs > >> member: uid=bar,dc=example,dc=com > >> --- > >> > >> In the above example, I would "member: uid=bar,dc=example,dc=com" > >> to be added to cn=parent,dc=example,dc=com, but it isn't. > >> > >> Now the documentation clearly states recursion is not allowed, so > >> if cn=child were to have a 'memberUrl', this memberUrl would not be > >> expanded. But this is not what is being done here, cn=child has no > >> memberUrl present. It also behaves perfectly fine if I pull the > >> "objetClass: groupOfURLs" off cn=child. > >> > >> So is this supposed to behave this way? If so can the documentation > >> be updated to indicate this restriction? > >> If not I'd be happy to open an ITS on the issue. > > The memberURL attribute value is not complete, see rfc 4516. It > > should be something like > > memberURL:ldap:///cn=child,dc=example,dc=com?<attributetype>?<scope>?<filter> > > > > > > -Dieter > > > > I've tried that too, it doesn't matter. > > > It also behaves perfectly fine if I pull the "objetClass: > groupOfURLs" off cn=child. Your principle design is a bit strange, objectClass groupOfURLs is a structural object class. Try something like dn: cn=parent,dc=example,dc=com objectClass: groupOfURLs memberUrl: ldap:///cn=child,dc=example,dc=com?member?base?(objectclass=groupOfNames) dn: cn=child,dc=example,dc=com objectClass: groupOfNames member: uid=bar,dc=example,dc=com member: uid=foo,dc=example,dc=com -Dieter -- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:DA147B05 53°37'09,95"N 10°08'02,42"E
