[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: More on dynamic group searches

On 05/24/10 01:11 PM, Howard Chu wrote:
Ian Collins wrote:
On 05/23/10 09:21 PM, Howard Chu wrote:
Don't use dynamic groups then. Use autogroups.

Is there any documentation of autogroup or how to debug it?

I've read the README, build the module and updated my config thus:

dn: cn={8}dyngroup,cn=schema,cn=config
olcObjectClasses: {0}( NetscapeLDAPobjectClass:33 NAME 'groupOfURLs' SUP
top S
TRUCTURAL MUST cn MAY ( memberURL $ businessCategory $ description $ o
$ ou $
     owner $ seeAlso $ member ) )

dn: cn=module{1},cn=config
objectClass: olcModuleList
cn: module{1}
olcModulePath: /opt/local/libexec/openldap
olcModuleLoad: {0}dynlist.la
olcModuleLoad: {1}memberof.la
olcModuleLoad: {2}auditlog.la
olcModuleLoad: {3}autogroup.la

dn: olcOverlay={2}autogroup,olcDatabase={1}hdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcAutomaticGroups
olcOverlay: {2}autogroup
olcAGattrSet: {0}groupOfURLs memberURL member

But it doesn't appear to be working.

What have you done to test it? As the README says, it operates when a write operation occurs that may affect the membership of a given group.

Yes it does, I was was using the wrong search (searching on uniqueMember, not member).

The README states the <member-ad> part of the olcAGattrSet is fixed, this appears to be the case as I can't get uniqueMember to work.