[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: status of dyngroup/dynlist?
* Pierangelo Masarati <ando@sys-net.it> [20050520 03:31]:
> > memberURL:
> > ldap:///ou=People,dc=example,dc=com?sub?(&(objectClass=posixaccount)
> > (gidnumber=123))
> >
> > memberURL:
> > ldap:///ou=People,dc=example,dc=com?sub?(objectclass=groupofnames)
>
> Neither fo the above is a valid LDAP URL; I'd check
> rfc2255/draft-ietf-ldapbis-url for the correct syntax, based on what you
> expect it to do.
>
Thanks for pointing me in the right direction. I looked at rfc2255 and
figured out the problem with my URLs.
And for the sake of the readers of the archives of this list, the
problem was that I was missing a question mark delimiter for the
attributes being requested by the search. In the case of a dyngroup one
doesn't want any attributes returned (just the matching DNs to populate
the member attribute of my dyngroup); but you still need the delimiter
even if the field being delimited is empty.
So my original URL didn't work:
ldap:///ou=People,dc=example,dc=com?sub?(objectclass=groupofnames)
Here's fixed version of the URL (note the extra question mark):
ldap:///ou=People,dc=example,dc=com??sub?(objectclass=groupofnames)
And if I were trying to retrieve a specific attribute ("cn", for
instance) it would be:
ldap:///ou=People,dc=example,dc=com?cn?sub?(objectclass=groupofnames)
My dyngroups are working now.
Thanks again,
Ben