On Mon, Mar 13, 2023 at 10:58:12AM +0100, Andreas Ladanyi wrote: > Hi, > > after upgrade from 2.5.13->2.5.14 i cant get any search result from slapd > when filtering for specific memberOf=value. If i downgrade back to slapd > 2.5.13 all is working again. > > It doesnt work with ldapsearch nor with sssd-ldap modul when filtering > entities with a specific memberOf=Value: > > ldapsearch -o ldif-wrap=no -LLL -x -ZZ -H ldap://ldap-server -b > OUR_BASE_DN '(memberOf=.........)' memberOf uid > > ldapsearch shows the entities with memberOf attribute and the memberOf value > if i search without a specific memberOf value in the filter: > > ldapsearch -o ldif-wrap=no -LLL -x -ZZ -H ldap://ldap-server -b > OUR_BASE-DN memberOf > > > The dynlist config is: > > dynlist-attrset labeledURIObject labeledURI memberOf
Hi Andreas, I'm pretty sure you configured a dynamic list (whose behaviour has been tightened recently) that you're using as a dynamic group. See the slapo-dynlist manpage for an example how we recommend setting this up. Regards, -- Ondřej Kuzník Senior Software Engineer Symas Corporation http://www.symas.com Packaged, certified, and supported LDAP solutions powered by OpenLDAP
