On Thu, Mar 16, 2023 at 03:22:25PM +0100, Andreas Ladanyi wrote: > Hi, > > i changed my config a bit but it doesnt work. > > i dont have a dynamic group. Yes i configured a dynamic list. We want to add > the memberOf attribute to user entries. > > We have static groups with objectclass "groupofnames" which contain the DN > of users with attribute "member=uid=name,............" > > The user entries contain the attribute > labeledURI=ldap:///BASE_DN?entryDN?sub?(&(objectClass=groupOfNames)(member=uid=name,..........)) > > So the DNs of all the static groupofname groups which a user is a member of > should be returned by the dynlist URI expansion. > > > The dynlist modul should map the entryDNs of the expansion to memberOf and > the memberOf attribute should be delivered with the user entry output when > ldapsearch: > > dynlist-attrset labeledURIObject labeledURI memberOf:entryDN > > ldapsearch -H ldap://LDAP_Server -s sub -b BASE_DN '(|(uid=username))' > memberOf > > ldapsearch with no result.
Hi, is there a reason you don't just follow what the dynlist manpage says for static groups? e.g. dynlist-attrset groupOfURLs memberURL member+memberOf@groupOfNames That way you can get rid of having to set labeledURI on each of the users as well... Regards, -- Ondřej Kuzník Senior Software Engineer Symas Corporation http://www.symas.com Packaged, certified, and supported LDAP solutions powered by OpenLDAP
