[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5717) slapo-dynlist expantion failed for mapped attributes

To: openldap-its@OpenLDAP.org
Subject: (ITS#5717) slapo-dynlist expantion failed for mapped attributes
From: menu@netbsd.org
Date: Mon, 29 Sep 2008 13:34:41 GMT

Full_Name: Emmanuel Dreyfus
Version: OpenLDAP-2.4.11
OS: NetBSD-4.0
URL: 
Submission from: (NULL) (193.54.82.42)


If slapo-dynlist is configured with attribute mapping, dynlist expantion will
only work if the member attribute in included in the searched attriute set.

Here is an example:

Config:
  overlay dynlist
  dynlist-attrset ExMailAddress memberURL mailbox:revalias

Searched entry:
  dn: mailAddress=foo-employee@example.net,o=ex
  objectClass: exMailAddress
  mailAddress: foo-employee@example.net
  memberURL: ldap:///o=ex,revalias?sub?(&(objectClass=exPerson)(employer=foo)) 


Expantion looks up objects like this:
  dn: uid=jdoe,o=ex
  objectClass: exPerson
  uid: jdoe
  revalias: john.doe@example.net
  employer: foo

With the member attribute in the searched attribute set:
$ ldapsearch mailAddress=foo-employee@example mailbox revalias
  dn: mailAddress=foo-employee@example.net,o=ex
  mailbox: john.doe@example.net
  mailbox: joe.luser@example.net
  mailbox: emmanuel.dreyfus@example.net 

Without it:
$ ldapsearch mailAddress=foo-employee@example mailbox
  dn: mailAddress=foo-employee@example.net,o=ex

Note that if no attribute set is provided, it works:
$ ldapsearch mailAddress=foo-employee@example
  dn: mailAddress=foo-employee@example.net,o=ex
  objectClass: exMailAddress
  mailAddress: foo-employee@example.net
  mailbox: john.doe@example.net
  mailbox: joe.luser@example.net
  mailbox: emmanuel.dreyfus@example.net
  memberURL: ldap:///o=ex,revalias?sub?(&(objectClass=exPerson)(employer=foo))


I should provide a fix for that soon.

Prev by Date: Re: (ITS#5716) test046-dds failed (exit 127): invalid ELF header
Next by Date: Bug- Enforcing validation when validator is NULL
Index(es):
- Chronological
- Thread