I am trying to enable the memberof overlay for my LDAP using this article. The only difference is that I am using a custom schema, and I am using an objectClass out of this schema. So my LDIF looks like this:

dn: cn=module,cn=config
cn: module
objectClass: olcModuleList
olcModuleLoad: memberof
olcModulePath: /usr/lib/ldap

dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config
objectClass: olcConfig
objectClass: olcMemberOf
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: memberof

olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: customGroup
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf

When I add the LDIF files with these commands (the 2nd and 3rd are from the article)

sudo ldapadd -Q -Y EXTERNAL -H ldapi:/// -f memberof_config.ldif
sudo ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f /tmp/refint1.ldif
sudo ldapadd -Q -Y EXTERNAL -H ldapi:/// -f /tmp/refint2.ldif

everything is created inside my config. But the memberof overlay is always created empty. There are no values for the fields starting with olcMemberOf... When I fill these fields manually with an LDAP browser everything works fine. But I need them to be filled by my LDIF file.

What am I doing wrong? Any ideas?

htz

1 Answer

The LDIF format specifies that each record is separated by an empty line. https://en.wikipedia.org/wiki/LDAP_Data_Interchange_Format#Content_Record_Format

The fact that you have an empty line between olcOverlay: memberof and olcMemberOfDangling: ignore means that the dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config ends with the line olcOverlay: memberof.

Try to suppress this line and re-import it.

84104
Esteban
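A pre-import check for the record-separator rule the answer cites, added here as an example and not part of the original question or answer: it reports every blank-line-separated block that does not begin with `dn:`. The helper name `ldif_orphans` is hypothetical, and the sample file is constructed from the overlay entry in the question.

```shell
#!/bin/sh
# Added example: flag LDIF blocks that do not begin with "dn:".
# ldif_orphans is a hypothetical helper name, not an OpenLDAP tool.
# Exit status is 1 when at least one such block is found, 0 otherwise.
ldif_orphans() {
    awk '
        { sub(/\r$/, "") }              # tolerate CRLF line endings
        /^#/ { next }                   # comments neither start nor end a record
        /^$/ { in_rec = 0; next }       # an empty line ends the current record
        !in_rec {                       # first line of a new block
            in_rec = 1; nblk++
            # A leading "version:" line is allowed as the first block only.
            if ($0 !~ /^dn:/ && !(nblk == 1 && $0 ~ /^version:/)) {
                printf "%s:%d: block starts with \"%s\", not \"dn:\"\n", FILENAME, NR, $0
                bad = 1
            }
        }
        END { exit bad }
    ' "$1"
}

# Constructed sample: the overlay entry from the question, stray blank line kept.
sample=$(mktemp)
cat > "$sample" <<'EOF'
dn: olcOverlay={0}memberof,olcDatabase={1}hdb,cn=config
objectClass: olcConfig
objectClass: olcMemberOf
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: memberof

olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: customGroup
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf
EOF

# Reports line 8 of the sample, where the detached attributes begin.
ldif_orphans "$sample" || echo "fix the file before running ldapadd"
```

Running it on a file before `ldapadd` shows where attributes have been cut off from their entry; with the blank line removed, the function prints nothing and returns 0.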