[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#4443) ldapsearch for dyngroup members does not work
> Issueing the following ldapsearch I'd expect it to both group entries:
> ldapsearch -b "ou=Tomcat_Roles,dc=o2online,dc=de" -D "<rootdn>" -H
> ldap://<ip>
> -WxZZLLL "(uniqueMember=uid=root,ou=tomcat_users,dc=o2online,dc=de)"
Your expectation is incorrect, since your search uses a base which differs
from the DN of the dynamic group. Dynamic group expansion occurs when a
dynamic group is being returned by a search, so it occurs __after__ a
filter is applied, and your filter cannot match the dynamic object
__before__ expansion. Either you filter for data that is statically in
the dynamic object, or access it by DN doing a base search.
p.
Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
------------------------------------------