[Date Prev][Date Next]
two issues with dyngroups
I'm an happy users of dynlist overlay, in order to make my unix users
members of their unix primary group:
# admins, groups, msr-inria.inria.fr
With this configuration:
# dynamic groups
dynlist-attrset groupOfURLs memberURL member
However, I'm facing two issues here.
The first is that dynlist overlay only accept a single configuration
directive for the whole base, preventing to map differently the request
URL depending on the context. In my previous example, I need to map the
URL as DN, because I'm dynamically building a group from users. If I
wanted to build a group from other group, my URL would have been
and the configuration directive would have been instead
dynlist-attrset groupOfURLs memberURL
It would be nice to handle the overlay differently there.
The second directive is that ACLs seems to ignore this dynamic group:
access to dn.subtree="dc=msr-inria,dc=inria,dc=fr"
by group="cn=admins,ou=groups,dc=msr-inria,dc=inria,dc=fr" write
by * break
This worked with a static group, it doesn't work anymore with a dynamic
one as I just presented.
I'm using OpenLDAP 2.4.11. Should I open ITS for those issues ?
Moyens Informatiques - INRIA Futurs
Tel: 01 69 35 69 62