0

I want to integrate a service with my openldap.

But the service should be only accessible by members from a dedicated group.

I already enabled the dynlist module and tried multiple configurations.

Here some tried examples:

dn: cn=rocketchat-access-test,ou=permissiongroups,ou=groups,dc=myhomeldap,dc=de objectClass: top objectClass: groupOfURLs cn: dynamic-group cn: rocketchat-access-test memberURL: ldap:///cn=group1,ou=rolegroups,ou=groups,dc=myhomeldap,dc=de memberURL: ldap:///cn=group2,ou=rolegroups,ou=groups,dc=myhomeldap,dc=de
dn: cn=rocketchat-access,ou=permissiongroups,ou=groups,dc=myhomeldap,dc=de objectClass: groupOfNames cn: rocketchat-access description: group for rocketchat access member: cn=group1,ou=rolegroups,ou=groups,dc=myhomeldap,dc=de member: cn=group2,ou=rolegroups,ou=groups,dc=myhomeldap,dc=de
dn: cn=group1,ou=rolegroups,ou=groups,dc=myhomeldap,dc=de objectClass: groupOfNames cn: group1 member: uid=user1,ou=users,dc=myhomeldap,dc=de member: uid=user2,ou=users,dc=myhomeldap,dc=de
dn: cn=group2,ou=rolegroups,ou=groups,dc=myhomeldap,dc=de objectClass: groupOfNames cn: group2 member: uid=user3,ou=users,dc=myhomeldap,dc=de member: uid=user4,ou=users,dc=myhomeldap,dc=de

Now I wanted to reference in a permissiongroup to the 2 subgroups.

What's the best practice to achieve this and how i can testing it with an ldapsearch?

Regards

asked Sep 3, 2025 at 9:24

0

Know someone who can answer? Share a link to this question via email, Twitter, or Facebook.

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.