[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Issue with dynlist overlay
Am Mon, 30 Jul 2012 12:52:22 -0400
schrieb Patrick Hemmer <openldap@stormcloud9.net>:
> So I just ran across an undocumented issue with slapo-dynlist. I'm
> not sure if this is a bug, or just missing in the documentation.
>
> The issue is that if the entry being dynamically added to the parent
> entry has the objectClass slapo-dynlist is configured to use, that
> entry is not dynamically added to the parent.
> For example:
> ----
> olcOverlay=dynlist,olcdatabase=hdb,cn=config
> objectClass: olcDynamicList
> objectClass: olcOverlayConfig
> olcDlAttrSet: groupOfURLs memberUrl
> ----
> dn: cn=parent,dc=example,dc=com
> objectClass: groupOfNames
> objectClass: groupOfURLs
> member: uid=foo,dc=example,dc=com
> memberUrl: ldap:///cn=child,dc=example,dc=com
>
> dn: cn=child,dc=example,dc=com
> objectClass: groupOfNames
> objectClass: groupOfURLs
> member: uid=bar,dc=example,dc=com
> ---
>
> In the above example, I would "member: uid=bar,dc=example,dc=com" to
> be added to cn=parent,dc=example,dc=com, but it isn't.
>
> Now the documentation clearly states recursion is not allowed, so if
> cn=child were to have a 'memberUrl', this memberUrl would not be
> expanded. But this is not what is being done here, cn=child has no
> memberUrl present. It also behaves perfectly fine if I pull the
> "objetClass: groupOfURLs" off cn=child.
>
> So is this supposed to behave this way? If so can the documentation
> be updated to indicate this restriction?
> If not I'd be happy to open an ITS on the issue.
The memberURL attribute value is not complete, see rfc 4516. It should
be something like
memberURL:ldap:///cn=child,dc=example,dc=com?<attributetype>?<scope>?<filter>
-Dieter
--
Dieter KlÃnter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53Â37'09,95"N
10Â08'02,42"E