[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: More on dynamic group searches



On 05/24/10 03:34 PM, Ian Collins wrote:
On 05/24/10 01:11 PM, Howard Chu wrote:
What have you done to test it? As the README says, it operates when a write operation occurs that may affect the membership of a given group.

Yes it does, I was was using the wrong search (searching on uniqueMember, not member).

The README states the <member-ad> part of the olcAGattrSet is fixed, this appears to be the case as I can't get uniqueMember to work.

So, going back to my original problem, is there anyway OpenLDAP can support this search with dynamic/auto groups?

filter="(&(objectClass=posixGroup)(uniqueMember=cn=Admins,ou=groups,o=staff,dc=company))" attrs="gidNumber"

autogroup would work if the search were changed to:

filter="(&(objectClass=posixGroup)(member=cn=Admins,ou=groups,o=staff,dc=company))" attrs="gidNumber"

But I am unable to modify these searches as they are from third party applications which assume group members are identified by uniqueMember rather than member.

--
Ian.