Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace memberof overlay by dynlist #447

Closed
baszoetekouw opened this issue May 17, 2023 · 5 comments · Fixed by #501
Closed

Replace memberof overlay by dynlist #447

baszoetekouw opened this issue May 17, 2023 · 5 comments · Fixed by #501
Assignees
@baszoetekouw @mrvanes
Labels
test2

Comments

@baszoetekouw
Copy link
Member

baszoetekouw commented May 17, 2023
edited
Loading

According to https://manpages.debian.org/unstable/slapd/slapo-memberof.5.en.html the memberof overlay is deprecated and is incompatible with syncrepl. We have actually seen this in prod (at least, we are seeing inconsistencies in synced group memberships). See also https://bugs.openldap.org/show_bug.cgi?id=7400;selectid=7400

So, we should probably use the dynlist overlay instead. Seems doable, though as expected, the syntax is crappy and the documentation rather unhelpful, https://www.mail-archive.com/openldap-technical@openldap.org/msg26067.html and https://bugs.openldap.org/show_bug.cgi?id=8613 seem to point into the right direction.
@baszoetekouw baszoetekouw added this to the v24 milestone May 17, 2023
@baszoetekouw baszoetekouw moved this from New to Todo in SRAM development May 17, 2023
@baszoetekouw baszoetekouw changed the title Replace memberof overlay by dy nlist Replace memberof overlay by dynlist May 17, 2023
@mrvanes
Copy link
Contributor

mrvanes commented May 19, 2023
edited
Loading

Mental note:
https://www.mail-archive.com/openldap-technical@openldap.org/msg27096.html
https://www.mail-archive.com/openldap-technical@openldap.org/msg27121.html
Works with slapd 2.5.x in Debian bookworm.

@mrvanes mrvanes moved this from Todo to In progress in SRAM development May 22, 2023
@baszoetekouw baszoetekouw modified the milestones: v24, v25 Jun 14, 2023
@baszoetekouw baszoetekouw modified the milestones: v25, v26 Aug 2, 2023
@baszoetekouw
Copy link
Member Author

I'm now really seeing problems with the overlay, in test, acc and prod.

For example:

  • on test: uid=roger,ou=People,dc=flat,dc=https://wiki/,dc=services,dc=sram-tst,dc=surf,dc=nl
  • on prod: uid=eone,ou=People,dc=flat,dc=urn:mace:surf.nl:sram:service:sram_mon_ldap,dc=services,dc=sram,dc=surf,dc=nl (ldap monitor user)

@baszoetekouw baszoetekouw mentioned this issue Aug 22, 2023
Closed
@baszoetekouw baszoetekouw removed this from the v26 milestone Sep 18, 2023
@mrvanes mrvanes linked a pull request Mar 11, 2024 that will close this issue
Add 2nd ldap #501
Merged
@mrvanes mrvanes moved this from In progress to To be tested in SRAM development Mar 11, 2024
@HarryKodden HarryKodden moved this from To be tested to Being tested in SRAM development Mar 11, 2024
@HarryKodden HarryKodden assigned HarryKodden and unassigned mrvanes Mar 11, 2024
@HarryKodden HarryKodden moved this from Being tested to To be tested in SRAM development Mar 12, 2024
@baszoetekouw baszoetekouw added this to the v33 milestone Mar 14, 2024
@mrvanes mrvanes assigned mrvanes and unassigned HarryKodden Apr 5, 2024
@baszoetekouw baszoetekouw moved this from To be tested to Being tested in SRAM development Apr 9, 2024
@sram-project-automation sram-project-automation bot moved this from Being tested to To be tested in SRAM development Apr 15, 2024
@baszoetekouw baszoetekouw modified the milestones: v33, v34 May 7, 2024
@baszoetekouw
Copy link
Member Author

Dit werkt niet op de reguliere tst/acc/prd; die hebben wel de dynlist overlay geladen, maar niet met de goede config. Misschien is dat ook wel ok voor nu, en fixen we dat gewoon als we naar de docker-omgevingen overgaan.

Die dockers moet ik nog testen.

@baszoetekouw baszoetekouw modified the milestones: v34, v35 Jun 10, 2024
@mrvanes
Copy link
Contributor

mrvanes commented Jun 10, 2024

Dat kopt, dit werk wel, maar alleen in de containers

@baszoetekouw
Copy link
Member Author

ok

@baszoetekouw baszoetekouw assigned baszoetekouw and unassigned mrvanes Aug 8, 2024
@baszoetekouw baszoetekouw removed this from the v35 milestone Aug 29, 2024
@mrvanes mrvanes self-assigned this Oct 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@baszoetekouw baszoetekouw

@mrvanes mrvanes

Labels
test2
Projects
SRAM development
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add 2nd ldap SURFscz/SRAM-deploy
3 participants
@baszoetekouw @HarryKodden @mrvanes