Hello list,
I have an openldap 2.4.49 (ubuntu 20.04 LTS) server pair running with
syncrepl. I also have memberof overlay activated and during a debug
session found out that this is a no-go. I was debugging a problem where
an user record that is in two groups only shows one memberOf attribute
value whereas other users show the expected amount of memberOf values.
Now I'm looking into replacing the memberof overlay but it appears that
for my use case there is no replacement at all.
dynlist seems made to create dynamic groups or lists respectively but
everything in my DIT is a static group and static users. They are
created by a commercial product and I am unable to add further specific
URL attributes there when new entries are created.
I stumbled upon
https://www.mail-archive.com/[email protected]/msg26067.html
via google search, but blindly copying the dynlist-attrset merely causes
the slapd to reply with
"/etc/ldap/slapd.conf: line 149: "dynlist-attrset <oc> [uri] <URL-ad>
[[<mapped-ad>:]<member-ad> ...]": unable to find AttributeDescription #0
"member+memberOf@groupOfNames"#012. " on startup and stopping
immediately. I suppose it needs some schema extension but of what I
don't understand and neither will I have a trigger objectClass unless I
could just use inetOrgPerson as trigger and have it work.
Is there a way to get back "synthetic" memberOf entries on static user
records (which are inetOrgPerson) with static groups (which are
groupOfNames) on openldap 2.4.49 without adding any special attributes
into users and/or groups themselves ?
Kind regards,
René
--
[email protected]
T +41 44 268 83 10
Ergon Informatik AG, Merkurstrasse 43, CH-8032 Zürich
www.ergon.ch
smart people – smart software
* * * * * * * * * * * * * * * * * * * * * * * * *
DELIVERING TECHNOLOGY ADVANTAGE SINCE 1984
