Am Fri, Aug 19, 2022 at 02:02:00PM +0200 schrieb Erik de Waard:
When openldap is configured to make use of the dynlist module it can
update
the member and memberOf population recursively for nested groups by just
quering with a searchfilter memberOf for it.
This should eliminates the need for nested group searches because it
returns all memberships
Hi,
would you mind to open this request as an RFE at
https://github.com/SSSD/sssd/issues/new?
I'm not familiar with the details of the dynlist module, but if I
understand it correctly everything happens on the server side and the
client just has to ask for the related attribute, i.e. memberOf. In this
case I wonder if setting
ldap_group_nesting_level = 0
in the [domain/...] section of sssd.conf would already be sufficient?
bye,
Sumit
Similar: issue: 2409
Can we have a setting to enable this like LDAP_MATCHING_RULE_IN_CHAIN for AD
_______________________________________________
sssd-devel mailing list -- sssd-devel(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahoste...
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue