[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Issue with dynlist overlay

To: openldap-technical@openldap.org
Subject: Re: Issue with dynlist overlay
From: Dieter KlÃnter <dieter@dkluenter.de>
Date: Tue, 31 Jul 2012 14:53:03 +0200
In-reply-to: <5017CCA7.5080000@stormcloud9.net>
Organization: AVCI
References: <5016BBC6.8010605@stormcloud9.net> <20120731085505.25070de0@violet.avci.de> <5017CCA7.5080000@stormcloud9.net>

Am Tue, 31 Jul 2012 08:16:39 -0400
schrieb Patrick Hemmer <openldap@stormcloud9.net>:

> Sent: Tue Jul 31 2012 02:55:05 GMT-0400 (EDT)
> From: Dieter KlÃnter <dieter@dkluenter.de>
> To: openldap-technical@openldap.org
> Subject: Re: Issue with dynlist overlay
> > Am Mon, 30 Jul 2012 12:52:22 -0400
> > schrieb Patrick Hemmer<openldap@stormcloud9.net>:
> >
> >> So I just ran across an undocumented issue with slapo-dynlist. I'm
> >> not sure if this is a bug, or just missing in the documentation.
> >>
> >> The issue is that if the entry being dynamically added to the
> >> parent entry has the objectClass slapo-dynlist is configured to
> >> use, that entry is not dynamically added to the parent.
> >> For example:
> >> ----
> >> olcOverlay=dynlist,olcdatabase=hdb,cn=config
> >> objectClass: olcDynamicList
> >> objectClass: olcOverlayConfig
> >> olcDlAttrSet: groupOfURLs memberUrl
> >> ----
> >> dn: cn=parent,dc=example,dc=com
> >> objectClass: groupOfNames
> >> objectClass: groupOfURLs
> >> member: uid=foo,dc=example,dc=com
> >> memberUrl: ldap:///cn=child,dc=example,dc=com
> >>
> >> dn: cn=child,dc=example,dc=com
> >> objectClass: groupOfNames
> >> objectClass: groupOfURLs
> >> member: uid=bar,dc=example,dc=com
> >> ---
> >>
> >> In the above example, I would "member: uid=bar,dc=example,dc=com"
> >> to be added to cn=parent,dc=example,dc=com, but it isn't.
> >>
> >> Now the documentation clearly states recursion is not allowed, so
> >> if cn=child were to have a 'memberUrl', this memberUrl would not be
> >> expanded. But this is not what is being done here, cn=child has no
> >> memberUrl present. It also behaves perfectly fine if I pull the
> >> "objetClass: groupOfURLs" off cn=child.
> >>
> >> So is this supposed to behave this way? If so can the documentation
> >> be updated to indicate this restriction?
> >> If not I'd be happy to open an ITS on the issue.
> > The memberURL attribute value is not complete, see rfc 4516. It
> > should be something like
> > memberURL:ldap:///cn=child,dc=example,dc=com?<attributetype>?<scope>?<filter>
> >
> >
> > -Dieter
> >
> 
> I've tried that too, it doesn't matter.
> 
>  > It also behaves perfectly fine if I pull the "objetClass: 
> groupOfURLs" off cn=child.

Your principle design is a bit strange, objectClass groupOfURLs is a
structural object class. Try something like

dn: cn=parent,dc=example,dc=com
objectClass: groupOfURLs
memberUrl:
 ldap:///cn=child,dc=example,dc=com?member?base?(objectclass=groupOfNames)

dn: cn=child,dc=example,dc=com
objectClass: groupOfNames
member: uid=bar,dc=example,dc=com
member: uid=foo,dc=example,dc=com


-Dieter

-- 
Dieter KlÃnter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53Â37'09,95"N
10Â08'02,42"E

Follow-Ups:
- Re: Issue with dynlist overlay
  - From: Patrick Hemmer <openldap@stormcloud9.net>

References:
- Issue with dynlist overlay
  - From: Patrick Hemmer <openldap@stormcloud9.net>
- Re: Issue with dynlist overlay
  - From: Dieter KlÃnter <dieter@dkluenter.de>
- Re: Issue with dynlist overlay
  - From: Patrick Hemmer <openldap@stormcloud9.net>

Prev by Date: Re: Issue with dynlist overlay
Next by Date: Re: Issue with dynlist overlay
Index(es):
- Chronological
- Thread