On 05/04/2019 16:33, Clément OUDOT
wrote:
Le 05/04/2019 à 10:36, Olivier - a
écrit :
Hi all,
Hello,
I'm testing static
group and dynamic group.
- Dynmaic group : is it possible to do reverse search in
dynamic group ? I reead something about the
"ismemberof" attribute and ds-virtual-static-group.
But i'm not sure we can do it with openldap
Not with dynlist overlay, but you could try autogroup overlay
with memberof overlay. The autogroup overlay will build static
groups trough a memberUrl.
-
- Static group seems to be fine for me. I have a
newbie's question :
can we have , for example, the mail attribute of all
members of service Y in only one request ?
I mean : make a request on service Y to have member's
list and , in the same action , have the member's mail.
You could do it by using the "deref" search extended control.
--
Clément Oudot | Identity Solutions Manager
clement.oudot@worteks.com
Worteks | https://www.worteks.com
Hi,
I have implemented a setup like that ("autogroup" and
"memberof" overlay, modified dynlist schema to include "member"
attribute).
Everything is working, except for the memberOf attribute in
combination with autogroup and a groupOfURLs.
E.g. I can list all the members of an autogroup fine if I
search for the group, but if I request the memberOf for a
certain uid, only the non-autogroup groups are returned.
According to the bits of documentation I could find, everything
should be setup correctly, but the memberOf is never set for
autogroups.
From #openldap I got the information that this should be
working, theoretically, ... see this thread, which describes
exactly my use case with the same problems surfacing:
http://www.openldap.org/lists/openldap-bugs/201407/msg00040.html
Any insights on this?