Am Fri, Aug 19, 2022 at 02:02:00PM +0200 schrieb Erik de Waard: > When openldap is configured to make use of the dynlist module it can update > the member and memberOf population recursively for nested groups by just > quering with a searchfilter memberOf for it. > > This should eliminates the need for nested group searches because it > returns all memberships
Hi, would you mind to open this request as an RFE at https://github.com/SSSD/sssd/issues/new? I'm not familiar with the details of the dynlist module, but if I understand it correctly everything happens on the server side and the client just has to ask for the related attribute, i.e. memberOf. In this case I wonder if setting ldap_group_nesting_level = 0 in the [domain/...] section of sssd.conf would already be sufficient? bye, Sumit > > Similar: issue: 2409 > > Can we have a setting to enable this like LDAP_MATCHING_RULE_IN_CHAIN for AD > _______________________________________________ > sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org > To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue _______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
