[email protected] wrote: > Using slapd 2.5 with dynlist to generate memberof. > > We use sssd ldap provider with ldap_user_search_filter parameter and memberof > filter and only the user which are memberof=XY are in the sssd cache. So it > works as expected, since slapd 2.5 > > We use ldapsearch with memberof filter and it works as expected, since slapd > 2.5 > > Iam trying out some webapps, configure the ldap filter and iam wondering > because the filter with the memberof attribute will be transmitted to slapd > but there is no search result in the slapd.log. If i copy the webapp ldap > filter from the slapd log and try it out with ldapsearch on the webapp server > i get search results. > > Could somebody clearify me ? > Read the slapo-dynlist(5) manpage, especially the note about the manageDSAit control. Then check the slapd packet trace and see what controls the webapp is sending with the search request.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
