[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Issue with dynlist overlay

Am Mon, 30 Jul 2012 12:52:22 -0400
schrieb Patrick Hemmer <openldap@stormcloud9.net>:

> So I just ran across an undocumented issue with slapo-dynlist. I'm
> not sure if this is a bug, or just missing in the documentation.
> The issue is that if the entry being dynamically added to the parent 
> entry has the objectClass slapo-dynlist is configured to use, that
> entry is not dynamically added to the parent.
> For example:
> ----
> olcOverlay=dynlist,olcdatabase=hdb,cn=config
> objectClass: olcDynamicList
> objectClass: olcOverlayConfig
> olcDlAttrSet: groupOfURLs memberUrl
> ----
> dn: cn=parent,dc=example,dc=com
> objectClass: groupOfNames
> objectClass: groupOfURLs
> member: uid=foo,dc=example,dc=com
> memberUrl: ldap:///cn=child,dc=example,dc=com
> dn: cn=child,dc=example,dc=com
> objectClass: groupOfNames
> objectClass: groupOfURLs
> member: uid=bar,dc=example,dc=com
> ---
> In the above example, I would "member: uid=bar,dc=example,dc=com" to
> be added to cn=parent,dc=example,dc=com, but it isn't.
> Now the documentation clearly states recursion is not allowed, so if 
> cn=child were to have a 'memberUrl', this memberUrl would not be 
> expanded. But this is not what is being done here, cn=child has no 
> memberUrl present. It also behaves perfectly fine if I pull the 
> "objetClass: groupOfURLs" off cn=child.
> So is this supposed to behave this way? If so can the documentation
> be updated to indicate this restriction?
> If not I'd be happy to open an ITS on the issue.

The memberURL attribute value is not complete, see rfc 4516. It should
be something like


Dieter KlÃnter | Systemberatung
GPG Key ID:DA147B05