On Wed, Nov 10, 2021 at 04:36:00PM -0800, Quanah Gibson-Mount wrote:
> If you disable the dynlist overlay, do you get the same behavior?
Nope; if I remove the line
dynlist-attrset groupOfURLs memberURL member+memberOf@groupOfNames
from the config, the ldapcompare command succeeds as expected. Good call
:).
I only need it to add the memberOf attribute to users, I don't need it
to muck with the member attribute on groups (we don't have any dynamic
groups), but I didn't see a way to configure it that way?
For giggles I tried changing it to
dynlist-attrset groupOfURLs memberURL uniqueMember+memberOf@groupOfNames
which made the compare work but the memberOf attribute wasn't
populated...
Bug? Should I open an ITS?
Thanks much...
