I you want add a second olcDlAttrSet do it this way:
-------------
dn: olcOverlay={1}dynlist,olcDatabase={1}mdb,cn=config
changetype: modify
add: olcDlAttrSet
olcDlAttrSet: groupOfURLs memberURL member+memberOf@groupOfNames
-------------Am 18.12.23 um 13:50 schrieb Christoph Pleger:
Hello,
I am using OpenLDAP 2.5.13 from Debian and want to use the dynamic list overlay
for replacing the memberOf overlay, but I cannot get it to work.
As I read in several places, I first imported dyngroup.ldif, then created an
ldif to load the dynlist module and the dynlist schema, like this:
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: dynlist
dn: olcOverlay=dynlist,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcDynamicList
olcOverlay: {1}dynlist
olcDlAttrSet: groupOfURLs memberURL member
Then, I created a group with this ldif:
dn: cn=Group1,ou=groups,dc=cs,dc=tu-dortmund,dc=de
objectClass: groupOfURLs
cn: Group1
memberURL: ldap:///dc=cs,dc=tu-dortmund,dc=de??sub?(employeeType=IT)
But though some of the users have employeeType=IT, I cannot get a user
attribute memberOf or alike that says that, for example ITuser1 is a member of
Group1 .
So, I tried another approach with dynlist that I read elsewhere:
dn: olcOverlay=dynlist,olcDatabase={1}mdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcDynamicList
olcOverlay: {1}dynlist
olcDlAttrSet: groupOfURLs memberURLĀ member+memberOf@groupOfNames
But with this, I got an error message that memberOf@groupOfNames is unknown.
So, I have some questions:
1. Does dynlist work this way only in OpenLDAP 2.6?
2. If no, do I have to import additional overlay ldifs?
3. Do I have to load additional modules other than dynlist?
4. Do I have to set other overlay attributes for the dynlist overlay?
Regards
Christoph
smime.p7s
Description: Kryptografische S/MIME-Signatur
