You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Suggeested by Martin van Es. Use overlays to have openLDAP automatically add a memberof attribute when a DN is added to ou=group. This makes searching if a DN is a member of group easy, because the other way would mean searching though all DNs in group and determine if the DN is present there.
Wellicht is de memberof overlay een aardige toevoeging op de provisioning van
de standaard LDAP?
Suggeested by Martin van Es. Use overlays to have openLDAP automatically add a memberof attribute when a DN is added to ou=group. This makes searching if a DN is a member of group easy, because the other way would mean searching though all DNs in group and determine if the DN is present there.
Wellicht is de memberof overlay een aardige toevoeging op de provisioning van
de standaard LDAP?
cat memberof.ldif
dn: cn=module,cn=config
cn: module
objectClass: olcModuleList
olcModuleLoad: memberof
olcModulePath: /usr/lib/ldap
dn: olcOverlay={0}memberof,olcDatabase={1}mdb,cn=config
objectClass: olcConfig
objectClass: olcMemberOf
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: memberof
olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf
ldapadd -Q -Y EXTERNAL -H ldapi:/// -f memberof.ldif
cat refint.ldif
dn: cn=module,cn=config
cn: module
objectclass: olcModuleList
objectclass: top
olcmoduleload: refint.la
olcmodulepath: /usr/lib/ldap
dn: olcOverlay={1}refint,olcDatabase={1}mdb,cn=config
objectClass: olcConfig
objectClass: olcOverlayConfig
objectClass: olcRefintConfig
objectClass: top
olcOverlay: {1}refint
olcRefintAttribute: memberof member manager owner
ldapadd -Q -Y EXTERNAL -H ldapi:/// -f refint.ldif
ldapsearch -x -D cn=admin,dc=ldap,dc=example,dc=org -w ChangeThisSecret -H
ldapi:/// -b dc=ldap,dc=example,dc=org memberof
...
student_mrvanes.com, people, ldap.example.org
dn: uid=student_mrvanes.com,ou=people,dc=ldap,dc=example,dc=org
memberOf: cn=CO:members:active,ou=group,dc=ldap,dc=example,dc=org
memberOf: cn=CO:members:all,ou=group,dc=ldap,dc=example,dc=org
memberOf: cn=barfoo,ou=group,dc=ldap,dc=example,dc=org
...
The text was updated successfully, but these errors were encountered: