Site Navigation

FreeBSD Manual Pages

   man apropos
 
   All Sections 1 - General Commands 2 - System Calls 3 - Subroutines 4 - Special Files 5 - File Formats 6 - Games 7 - Macros and Conventions 8 - Maintenance Commands 9 - Kernel Interface n - New Commands FreeBSD 16.0-CURRENT FreeBSD 15.0-RELEASE FreeBSD 15.0-RELEASE and Ports FreeBSD 15.0-STABLE FreeBSD 14.3-RELEASE FreeBSD 14.3-RELEASE and Ports FreeBSD 14.3-STABLE FreeBSD 14.2-RELEASE FreeBSD 14.2-RELEASE and Ports FreeBSD 14.1-RELEASE FreeBSD 14.1-RELEASE and Ports FreeBSD 14.0-RELEASE FreeBSD 14.0-RELEASE and Ports FreeBSD 13.5-RELEASE FreeBSD 13.5-RELEASE and Ports FreeBSD 13.5-STABLE FreeBSD 13.4-RELEASE FreeBSD 13.4-RELEASE and Ports FreeBSD 13.3-RELEASE FreeBSD 13.3-RELEASE and Ports FreeBSD 13.2-RELEASE FreeBSD 13.2-RELEASE and Ports FreeBSD 13.1-RELEASE FreeBSD 13.1-RELEASE and Ports FreeBSD 13.0-RELEASE FreeBSD 13.0-RELEASE and Ports FreeBSD 12.4-RELEASE FreeBSD 12.4-RELEASE and Ports FreeBSD 12.3-RELEASE FreeBSD 12.3-RELEASE and Ports FreeBSD 12.2-RELEASE FreeBSD 12.2-RELEASE and Ports FreeBSD 12.1-RELEASE FreeBSD 12.1-RELEASE and Ports FreeBSD 12.0-RELEASE FreeBSD 12.0-RELEASE and Ports FreeBSD 11.4-RELEASE FreeBSD 11.4-RELEASE and Ports FreeBSD 11.3-RELEASE FreeBSD 11.3-RELEASE and Ports FreeBSD 11.2-RELEASE FreeBSD 11.2-RELEASE and Ports FreeBSD 11.1-RELEASE FreeBSD 11.1-RELEASE and Ports FreeBSD 11.0-RELEASE FreeBSD 11.0-RELEASE and Ports FreeBSD 10.4-RELEASE FreeBSD 10.4-RELEASE and Ports FreeBSD 10.3-RELEASE FreeBSD 10.3-RELEASE and Ports FreeBSD 10.2-RELEASE FreeBSD 10.2-RELEASE and Ports FreeBSD 10.1-RELEASE FreeBSD 10.1-RELEASE and Ports FreeBSD 10.0-RELEASE FreeBSD 10.0-RELEASE and Ports FreeBSD 9.3-RELEASE FreeBSD 9.3-RELEASE and Ports FreeBSD 9.2-RELEASE FreeBSD 9.2-RELEASE and Ports FreeBSD 9.1-RELEASE FreeBSD 9.1-RELEASE and Ports FreeBSD 9.0-RELEASE FreeBSD 9.0-RELEASE and Ports FreeBSD 8.4-RELEASE FreeBSD 8.4-RELEASE and Ports FreeBSD 8.3-RELEASE FreeBSD 8.3-RELEASE and Ports FreeBSD 8.2-RELEASE FreeBSD 8.2-RELEASE and Ports FreeBSD 8.1-RELEASE FreeBSD 8.1-RELEASE and Ports FreeBSD 8.0-RELEASE FreeBSD 8.0-RELEASE and Ports FreeBSD 7.4-RELEASE FreeBSD 7.4-RELEASE and Ports FreeBSD 7.3-RELEASE FreeBSD 7.3-RELEASE and Ports FreeBSD 7.2-RELEASE FreeBSD 7.2-RELEASE and Ports FreeBSD 7.1-RELEASE FreeBSD 7.1-RELEASE and Ports FreeBSD 7.0-RELEASE FreeBSD 6.4-RELEASE FreeBSD 6.4-RELEASE and Ports FreeBSD 6.3-RELEASE FreeBSD 6.3-RELEASE and Ports FreeBSD 6.2-RELEASE FreeBSD 6.1-RELEASE FreeBSD 6.0-RELEASE FreeBSD 6.0-RELEASE and Ports FreeBSD 5.5-RELEASE FreeBSD 5.5-RELEASE and Ports FreeBSD 5.4-RELEASE FreeBSD 5.4-RELEASE and Ports FreeBSD 5.3-RELEASE FreeBSD 5.3-RELEASE and Ports FreeBSD 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE and Ports FreeBSD 5.2-RELEASE FreeBSD 5.2-RELEASE and Ports FreeBSD 5.1-RELEASE FreeBSD 5.0-RELEASE FreeBSD 4.11-RELEASE FreeBSD 4.11-RELEASE and Ports FreeBSD 4.10-RELEASE FreeBSD 4.10-RELEASE and Ports FreeBSD 4.9-RELEASE FreeBSD 4.9-RELEASE and Ports FreeBSD 4.8-RELEASE FreeBSD 4.8-RELEASE and Ports FreeBSD 4.7-RELEASE FreeBSD 4.6.2-RELEASE FreeBSD 4.6.2-RELEASE and Ports FreeBSD 4.6-RELEASE FreeBSD 4.6-RELEASE and Ports FreeBSD 4.5-RELEASE FreeBSD 4.5-RELEASE and Ports FreeBSD 4.4-RELEASE FreeBSD 4.3-RELEASE FreeBSD 4.3-RELEASE and Ports FreeBSD 4.2-RELEASE FreeBSD 4.2-RELEASE and Ports FreeBSD 4.1.1-RELEASE FreeBSD 4.1.1-RELEASE and Ports FreeBSD 4.1-RELEASE FreeBSD 4.0-RELEASE FreeBSD 3.5.1-RELEASE FreeBSD 3.5.1-RELEASE and Ports FreeBSD 3.5-RELEASE and Ports FreeBSD 3.4-RELEASE FreeBSD 3.4-RELEASE and Ports FreeBSD 3.3-RELEASE FreeBSD 3.2-RELEASE FreeBSD 3.1-RELEASE FreeBSD 3.0-RELEASE FreeBSD 2.2.8-RELEASE FreeBSD 2.2.8-RELEASE and Ports FreeBSD 2.2.7-RELEASE FreeBSD 2.2.6-RELEASE FreeBSD 2.2.5-RELEASE FreeBSD 2.2.2-RELEASE FreeBSD 2.2.1-RELEASE FreeBSD 2.1.7.1-RELEASE FreeBSD 2.1.6.1-RELEASE FreeBSD 2.1.5-RELEASE FreeBSD 2.1.0-RELEASE FreeBSD 2.0.5-RELEASE FreeBSD 2.0-RELEASE FreeBSD 1.1.5.1-RELEASE FreeBSD 1.1-RELEASE FreeBSD 1.0-RELEASE FreeBSD Ports 15.0 FreeBSD Ports 14.3 FreeBSD Ports 14.3.quarterly FreeBSD Ports 14.2 FreeBSD Ports 14.1 FreeBSD Ports 14.0 FreeBSD Ports 13.5 FreeBSD Ports 13.4 FreeBSD Ports 13.3 FreeBSD Ports 13.2 FreeBSD Ports 13.1 FreeBSD Ports 13.0 FreeBSD Ports 12.4 FreeBSD Ports 12.3 FreeBSD Ports 12.2 FreeBSD Ports 12.1 FreeBSD Ports 12.0 FreeBSD Ports 11.4 FreeBSD Ports 11.3 FreeBSD Ports 11.2 FreeBSD Ports 11.1 FreeBSD Ports 11.0 FreeBSD Ports 10.4 FreeBSD Ports 10.3 FreeBSD Ports 10.2 FreeBSD Ports 10.1 FreeBSD Ports 10.0 FreeBSD Ports 9.3 FreeBSD Ports 9.2 FreeBSD Ports 9.1 FreeBSD Ports 9.0 FreeBSD Ports 8.4 FreeBSD Ports 8.3 FreeBSD Ports 8.2 FreeBSD Ports 8.1 FreeBSD Ports 8.0 FreeBSD Ports 7.4 FreeBSD Ports 7.3 FreeBSD Ports 7.2 FreeBSD Ports 7.1 FreeBSD Ports 7.0 FreeBSD Ports 6.4 FreeBSD Ports 6.3 FreeBSD Ports 6.2 FreeBSD Ports 6.0 FreeBSD Ports 5.5 FreeBSD Ports 5.4 FreeBSD Ports 5.3 FreeBSD Ports 5.2.1 FreeBSD Ports 5.2 FreeBSD Ports 5.1 FreeBSD Ports 4.11 FreeBSD Ports 4.10 FreeBSD Ports 4.9 FreeBSD Ports 4.8 FreeBSD Ports 4.7 FreeBSD Ports 4.6.2 FreeBSD Ports 4.6 FreeBSD Ports 4.5 FreeBSD Ports 4.3 FreeBSD Ports 4.2 FreeBSD Ports 4.1.1 FreeBSD Ports 3.5.1 FreeBSD Ports 3.5 FreeBSD Ports 3.4 FreeBSD Ports 2.2.8 4.4BSD Lite2 4.3BSD NET/2 4.3BSD Reno 2.11 BSD 2.10 BSD 2.9.1 BSD 2.8 BSD 386BSD 0.1 386BSD 0.0 CentOS 7.9 CentOS 7.8 CentOS 7.7 CentOS 7.6 CentOS 7.5 CentOS 7.4 CentOS 7.3 CentOS 7.2 CentOS 7.1 CentOS 7.0 CentOS 6.10 CentOS 6.9 CentOS 6.8 CentOS 6.7 CentOS 6.6 CentOS 6.5 CentOS 6.4 CentOS 6.3 CentOS 6.2 CentOS 6.1 CentOS 6.0 CentOS 5.11 CentOS 5.10 CentOS 5.9 CentOS 5.8 CentOS 5.7 CentOS 5.6 CentOS 5.5 CentOS 5.4 CentOS 4.8 CentOS 3.9 Darwin 8.0.1/ppc Darwin 7.0.1 Darwin 6.0.2/x86 Darwin 1.4.1/x86 Darwin 1.3.1/x86 Debian 14.0 unstable Debian 13.3.0 Debian 12.13.0 Debian 11.11.0 Debian 10.13.0 Debian 9.13.0 Debian 8.11.1 Debian 7.11.0 Debian 6.0.10 Debian 5.0.10 Debian 4.0.9 Debian 3.1.8 Debian 2.2.7 Debian 2.0.0 Dell UNIX SVR4 2.2 DragonFly 6.4.2 DragonFly 5.8.3 DragonFly 4.8.1 DragonFly 3.8.2 DragonFly 2.10.1 DragonFly 1.12.1 DragonFly 1.0A HP-UX 11.22 HP-UX 11.20 HP-UX 11.11 HP-UX 11.00 HP-UX 10.20 HP-UX 10.10 HP-UX 10.01 HP-UX 9.07 HP-UX 8.07 Inferno 4th Edition IRIX 6.5.30 Linux Slackware 3.1 MACH 2.5/i386 macOS 26.2 macOS 15.7.3 macOS 14.8.3 macOS 13.6.5 macOS 12.7.3 macOS 11.1 macOS 10.15.7 macOS 10.13.6 macOS 10.12.0 Minix 3.3.0 Minix 3.2.1 Minix 3.2.0 Minix 3.1.7 Minix 3.1.6 Minix 3.1.5 Minix 2.0.0 NetBSD 10.1 NetBSD 10.0 NetBSD 9.4 NetBSD 9.3 NetBSD 9.2 NetBSD 9.1 NetBSD 9.0 NetBSD 8.3 NetBSD 8.2 NetBSD 8.1 NetBSD 8.0 NetBSD 7.2 NetBSD 7.1.2 NetBSD 7.1 NetBSD 7.0 NetBSD 6.1.5 NetBSD 6.0 NetBSD 5.2.3 NetBSD 5.2 NetBSD 5.1 NetBSD 5.0 NetBSD 4.0.1 NetBSD 4.0 NetBSD 3.1 NetBSD 3.0 NetBSD 2.1 NetBSD 2.0.2 NetBSD 2.0 NetBSD 1.6.2 NetBSD 1.6.1 NetBSD 1.6 NetBSD 1.5.3 NetBSD 1.5.2 NetBSD 1.5.1 NetBSD 1.5 NetBSD 1.4.3 NetBSD 1.4.2 NetBSD 1.4.1 NetBSD 1.4 NetBSD 1.3.3 NetBSD 1.3.2 NetBSD 1.3.1 NetBSD 1.3 NetBSD 1.2.1 NetBSD 1.2 NetBSD 1.1 NetBSD 1.0 NeXTSTEP 3.3 OpenBSD 7.8 OpenBSD 7.7 OpenBSD 7.6 OpenBSD 7.5 OpenBSD 7.4 OpenBSD 7.3 OpenBSD 7.2 OpenBSD 7.1 OpenBSD 7.0 OpenBSD 6.9 OpenBSD 6.8 OpenBSD 6.7 OpenBSD 6.6 OpenBSD 6.5 OpenBSD 6.4 OpenBSD 6.3 OpenBSD 6.2 OpenBSD 6.1 OpenBSD 6.0 OpenBSD 5.9 OpenBSD 5.8 OpenBSD 5.7 OpenBSD 5.6 OpenBSD 5.5 OpenBSD 5.4 OpenBSD 5.3 OpenBSD 5.2 OpenBSD 5.1 OpenBSD 5.0 OpenBSD 4.9 OpenBSD 4.8 OpenBSD 4.7 OpenBSD 4.6 OpenBSD 4.5 OpenBSD 4.4 OpenBSD 4.3 OpenBSD 4.2 OpenBSD 4.1 OpenBSD 4.0 OpenBSD 3.9 OpenBSD 3.8 OpenBSD 3.7 OpenBSD 3.6 OpenBSD 3.5 OpenBSD 3.4 OpenBSD 3.3 OpenBSD 3.2 OpenBSD 3.1 OpenBSD 3.0 OpenBSD 2.9 OpenBSD 2.8 OpenBSD 2.7 OpenBSD 2.6 OpenBSD 2.5 OpenBSD 2.4 OpenBSD 2.3 OpenBSD 2.2 OpenBSD 2.1 OpenBSD 2.0 OpenDarwin 7.2.1 OpenDarwin 6.6.2/x86 OpenDarwin 6.6.1/x86 OpenDarwin 20030208pre4/ppc OpenIndiana 2024.10 OpenIndiana 2022.10 OpenIndiana 2020.10 OpenIndiana 2017.10 OpenIndiana 2015.10 OpenIndiana 2013.08 OpenSolaris 2010.03 OpenSolaris 2009.06 OpenStep 4.2 openSUSE 42.3 openSUSE 42.2 openSUSE 42.1 openSUSE 16.0 openSUSE 15.6 openSUSE 15.5 openSUSE 15.4 openSUSE 15.3 openSUSE 15.2 openSUSE 15.1 openSUSE 15.0 openSUSE 13.2 openSUSE 13.1 openSUSE 11.4 openSUSE 11.3 openSUSE 11.2 openSUSE 10.3 openSUSE 10.2 OSF1 V5.1/alpha OSF1 V4.0/alpha OSF1 V1.0/mips Plan 9 Red Hat 9.0 Red Hat 8.0 Red Hat 7.3 Red Hat 7.2 Red Hat 7.1 Red Hat 7.0 Red Hat 6.2 Red Hat 6.1 Red Hat 5.2 Red Hat 5.0 Red Hat 4.2 Rhapsody DR1 Rhapsody DR2 Rocky 10.0 Rocky 9.6 Rocky 9.5 Rocky 9.4 Rocky 9.3 Rocky 9.2 Rocky 9.1 Rocky 9.0 Rocky 8.10 Rocky 8.9 Rocky 8.8 Rocky 8.7 Rocky 8.6 Rocky 8.5 Rocky 8.4 Rocky 8.3 Sun UNIX 0.4 SunOS 5.10 SunOS 5.9 SunOS 5.8 SunOS 5.7 SunOS 5.6 SunOS 5.5.1 SunOS 4.1.3 SuSE 11.3 SuSE 11.2 SuSE 11.1 SuSE 11.0 SuSE 10.3 SuSE 10.2 SuSE 10.1 SuSE 10.0 SuSE 9.3 SuSE 9.2 SuSE 8.2 SuSE 8.1 SuSE 8.0 SuSE 7.3 SuSE 7.2 SuSE 7.1 SuSE 7.0 SuSE 6.4 SuSE 6.3 SuSE 6.1 SuSE 6.0 SuSE 5.3 SuSE 5.2 SuSE 5.0 SuSE 4.3 SuSE ES 10 SP1 Ubuntu 24.04 noble Ubuntu 23.10 mantic Ubuntu 22.04 jammy Ubuntu 20.04 focal Ubuntu 18.04 bionic Ubuntu 16.04 xenial Ubuntu 14.04 trusty ULTRIX 4.2 Ultrix-32 2.0/VAX Unix Seventh Edition X11R7.4 X11R7.3.2 X11R7.2 X11R6.9.0 X11R6.8.2 X11R6.7.0 XFree86 4.8.0 XFree86 4.7.0 XFree86 4.6.0 XFree86 4.5.0 XFree86 4.4.0 XFree86 4.3.0 XFree86 4.2.99.3 XFree86 4.2.0 XFree86 4.1.0 XFree86 4.0.2 XFree86 4.0.1 XFree86 4.0 XFree86 3.3.6 XFree86 3.3 XFree86 2.1 All Architectures html pdf ascii

home | help

---

SLAPO-DYNLIST(5)	      File Formats Manual	      SLAPO-DYNLIST(5)

NAME
       slapo-dynlist - Dynamic List overlay to slapd

SYNOPSIS
       /usr/local/etc/openldap/slapd.conf

DESCRIPTION
       The  dynlist  overlay to	slapd(8) allows	expansion of dynamic lists and
       groups.	Any time an entry with a specific objectClass (defined in  the
       overlay	configuration)	is  being returned, the	LDAP URI-valued	occur-
       rences of a specific attribute (also defined in the overlay  configura-
       tion) are expanded into the corresponding entries.

       For  a dynamic list, the	values of the attributes listed	in the URI are
       added from the matching entries to the original entry.  No recursion is
       allowed,	to avoid potential infinite loops.  The	resulting  entry  must
       comply  with the	LDAP data model, so constraints	are enforced.  For ex-
       ample, if a SINGLE-VALUE	attribute is  listed,  only  the  first	 value
       found during the	list expansion appears in the final entry.

       For  a  dynamic	group,	the DNs	of the matching	entries	are added to a
       member attribute	in the original	entry.

       All dynamic behavior is disabled	 when  the  manageDSAit	 control  (RFC
       3296) is	used.  In that case, the contents of the original entry	is re-
       turned; namely, the URLs	are returned instead of	being expanded.

CONFIGURATION
       The  config directives that are specific	to the dynlist overlay must be
       prefixed	by dynlist-, to	avoid potential	conflicts with directives spe-
       cific to	the underlying database	or to other stacked overlays.

       overlay dynlist
	      This directive adds the dynlist overlay to the current database,
	      or to the	frontend, if used before any  database	instantiation;
	      see slapd.conf(5)	for details.

       This  slapd.conf	 configuration option is defined for the dynlist over-
       lay. It may have	multiple occurrences, and it  must  appear  after  the
       overlay directive.

       dynlist-attrset <group-oc> [<URI>] <URL-ad> [options]

	      The  value group-oc is the name of the objectClass that triggers
	      the dynamic expansion of the data.

	      The optional URI restricts expansion only	 to  entries  matching
	      the DN, the scope	and the	filter portions	of the URI.

	      The  value  URL-ad  is the name of the attributeDescription that
	      contains the URI that is expanded	by the	overlay;  if  none  is
	      present,	no  expansion  occurs.	If the intersection of the at-
	      tributes requested by the	search operation (or the asserted  at-
	      tribute  for  compares)  and the attributes listed in the	URI is
	      empty, no	expansion occurs for that specific URI.	 It must be  a
	      subtype of labeledURI.

	      The  remaining options depend on whether a dynamic list or a dy-
	      namic group is being configured.

	      For a dynamic list, the allowed options have the form

	      [<mapped-ad>:<list-ad> ...]

	      The mapped-ad can	be used	to remap attributes  obtained  through
	      expansion.   The	list-ad	must be	one of the attributes returned
	      in the expansion of the URIs in the URL-ad attribute of the  dy-
	      namic entry. Multiple mapping statements can be used.  Note that
	      in  order	for dynamic lists to be	usable in a search filter, the
	      dynamic attributes to be filtered	 must  be  explicitly  mapped.
	      They  can	 be  mapped  to	themselves if no transformation	is re-
	      quired.

	      For a dynamic group, the allowed options are

	      <member-ad>[+<memberOf-ad>[@<static-oc>[*]]]

	      The member-ad is required; this attribute	will list  the	DN  of
	      the  entries  resulting from the internal	search.	 In this case,
	      the attrs	portion	of the URIs in the URL-ad  attribute  must  be
	      absent, and the DNs of all the entries resulting from the	expan-
	      sion  of	the URIs are listed as values of this attribute.  Com-
	      pares that assert	the value of the member-ad  attribute  of  en-
	      tries  with  group-oc  objectClass apply as if the DN of the en-
	      tries resulting from the expansion of the	URI  were  present  in
	      the group-oc entry as values of the member-ad attribute.	If the
	      optional	memberOf-ad  attribute is also specified, then it will
	      be populated with	the DNs	of the dynamic groups that an entry is
	      a	member of.  If the  optional  static-oc	 objectClass  is  also
	      specified,  then	the  memberOf attribute	will also be populated
	      with the DNs of the static groups	that an	entry is a member  of.
	      Note  that using the same	static-oc objectClass in more than one
	      dynamic group configuration is not supported.  If	the optional *
	      character	is also	specified, then	the member and memberOf	values
	      will be populated	recursively, for nested	groups.	Note that cur-
	      rently nesting is	only supported for Search operations, not Com-
	      pares.

       dynlist-simple TRUE | FALSE
	      This option downgrades to	the behavior of	the OpenLDAP 2.4  dyn-
	      list  overlay.   It  disables  memberOf processing, nested group
	      support, and filter evaluation of	dynamically generated  values.
	      The default is FALSE.

       The  dynlist overlay may	be used	with any backend, but it is mainly in-
       tended for use with local storage backends.  In case the	URI  expansion
       is very resource-intensive and occurs frequently	with well-defined pat-
       terns,  one should consider adding a proxycache later on	in the overlay
       stack.

AUTHORIZATION
       By default the expansions are performed using the identity of the  cur-
       rent LDAP user.	This identity may be overridden	by setting the dgIden-
       tity attribute in the group's entry to the DN of	another	LDAP user.  In
       that  case  the	dgIdentity will	be used	when expanding the URIs	in the
       object.	Setting	the dgIdentity to a zero-length	string will cause  the
       expansions  to  be performed anonymously.  Note that the	dgIdentity at-
       tribute is defined in the dyngroup schema,  and	this  schema  must  be
       loaded before the dgIdentity authorization feature may be used.	If the
       dgAuthz	attribute is also present in the group's entry,	its values are
       used to determine what identities are authorized	to use the  dgIdentity
       to  expand  the group.  Values of the dgAuthz attribute must conform to
       the (experimental) OpenLDAP authz syntax.  When using dynamic  memberOf
       in search filters, search access	to the entryDN pseudo-attribute	is re-
       quired.

EXAMPLE
       This example collects all the email addresses of	a database into	a sin-
       gle  entry; first of all, make sure that	slapd.conf contains the	direc-
       tives:

	   include /path/to/dyngroup.schema
	   # ...

	   database <database>
	   # ...

	   overlay dynlist
	   dynlist-attrset groupOfURLs memberURL

       and that	slapd loads dynlist.la,	if compiled as a run-time module; then
       add to the database an entry like

	   dn: cn=Dynamic List,ou=Groups,dc=example,dc=com
	   objectClass:	groupOfURLs
	   cn: Dynamic List
	   memberURL: ldap:///ou=People,dc=example,dc=com?mail?sub?(objectClass=person)

       If no <attrs> are provided in the URI, all (non-operational) attributes
       are collected.

       The values of the above list can	not be evaluated in a  search  filter.
       To enable filter	evaluation on the dynamic list,	the configuration must
       be  changed to explicitly map the dynamic attributes to be filtered. In
       this case mail is just mapped to	itself.

	   include /path/to/dyngroup.schema
	   # ...

	   database <database>
	   # ...

	   overlay dynlist
	   dynlist-attrset groupOfURLs memberURL mail:mail

       This example implements the dynamic group feature  on  the  member  at-
       tribute:

	   include /path/to/dyngroup.schema
	   # ...

	   database <database>
	   # ...

	   overlay dynlist
	   dynlist-attrset groupOfURLs memberURL member

       A  dynamic group	with dgIdentity	authorization could be created with an
       entry like

	   dn: cn=Dynamic Group,ou=Groups,dc=example,dc=com
	   objectClass:	groupOfURLs
	   objectClass:	dgIdentityAux
	   cn: Dynamic Group
	   memberURL: ldap:///ou=People,dc=example,dc=com??sub?(objectClass=person)
	   dgIdentity: cn=Group	Proxy,ou=Services,dc=example,dc=com

       This example extends the	dynamic	group feature to add a dynamic	dgMem-
       berOf attribute to all the members of a dynamic group:

	   include /path/to/dyngroup.schema
	   # ...

	   database <database>
	   # ...

	   overlay dynlist
	   dynlist-attrset groupOfURLs memberURL member+dgMemberOf

       This  example  extends the dynamic memberOf feature to add the memberOf
       attribute to all	the members of both static and dynamic groups:

	   include /path/to/dyngroup.schema
	   # ...

	   database <database>
	   # ...

	   overlay dynlist
	   dynlist-attrset groupOfURLs memberURL member+memberOf@groupOfNames

       This dynamic memberOf feature can fully replace	the  functionality  of
       the slapo-memberof(5) overlay.

FILES
       /usr/local/etc/openldap/slapd.conf
	      default slapd configuration file

BACKWARD COMPATIBILITY
       The  dynlist  overlay  has  been	reworked with the 2.5 release to use a
       consistent namespace as with other overlays. As a side-effect the  fol-
       lowing cn=config	parameters are deprecated and will be removed in a fu-
       ture release: olcDlAttrSet is replaced with olcDynListAttrSet olcDynam-
       icList is replaced with olcDynListConfig

SEE ALSO
       slapd.conf(5), slapd-config(5), slapd(8).  The slapo-dynlist(5) overlay
       supports	dynamic	configuration via back-config.

BUGS
       Filtering on dynamic groups may return incomplete results if the	search
       operation uses the pagedResults control.

ACKNOWLEDGEMENTS
       This  module  was  written  in  2004  by	Pierangelo Masarati for	SysNet
       s.n.c.

       Attribute remapping was contributed in 2008 by Emmanuel Dreyfus.

OpenLDAP 2.6.10			  2025/05/22		      SLAPO-DYNLIST(5)

---

NAME | SYNOPSIS | DESCRIPTION | CONFIGURATION | AUTHORIZATION | EXAMPLE | FILES | BACKWARD COMPATIBILITY | SEE ALSO | BUGS | ACKNOWLEDGEMENTS

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=slapo-dynlist&sektion=5&manpath=FreeBSD+Ports+15.0>

home | help

---

Legal Notices | © 1995-2026 The FreeBSD Project. All rights reserved.

Contact