[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
dynlist, memberof,and authentication
- To: openldap-technical@openldap.org
- Subject: dynlist, memberof,and authentication
- From: Richard Pijnenburg <richard@softwaredev.nl>
- Date: Thu, 27 Sep 2012 18:55:48 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=softwaredev.nl; h=content-transfer-encoding:content-type:content-type:subject :subject:mime-version:user-agent:from:from:date:date:message-id :received:received; s=key; t=1348764961; x=1350579361; bh=2sVNp5 BIxSTRuYjnoiJa0GNXCN8DjBPiDqbHMqb1NbQ=; b=CD6CUnWc+MZp+tlO/42WNt XRLlgqWE1i/UpRCY4dbXbZWAlimFG/hhHQhsFic8S8cbxVnpyuwJGBLTrAxutljZ b1Np1eg1Wl2aFwjtRznXfg6jO/5wA9r2uLUEAOW5xnvqq3ZK1tOJm/ULgEOuZOq7 TKd1cahrnM5NMkVAUxafo=
- User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20120907 Thunderbird/15.0.1
Hi all,
I've created a group with the dynlist overlay to create dynamic groups.
Now i want to implement authentication with it but seem to be unable to
search on it with nss-pam-lib or sssd.
Before i start configuring all that stuff i wanted to see what
search/filter string i need to make and been playing around to get the
member.
When i search with base the dynamic group i get all the members/
# ldapsearch -x -b 'cn=prod,ou=isp,ou=acl,dc=ispavailability,dc=com'
dn: cn=prod,ou=isp,ou=acl,dc=ispavailability,dc=com
objectClass: groupOfURLs
cn: prod
memberURL:
ldap:///cn=sysadmin,ou=isp,ou=groups,dc=ispavailability,dc=com?memb
er?sub?
member: uid=richard,ou=people,dc=ispavailability,dc=com
So i thought i'll create a search string for the cn and the member.
# ldapsearch -x
'(&(cn=prod)(member=uid=richard,ou=people,dc=ispavailability,dc=com))'
And i get nothing....
So i thought about using the memberof overlay with it.
# ldapsearch -x uid=richard memberof
I get the static group trough the memberof overlay but not the dynamic
group.
Am i missing something or am i trying to do something that's simply not
possible?
Cheers.
Richard