user_show api needs to show the enrollment in the net groups just like it shows enrollment in groups.
I filed RFE https://bugzilla.redhat.com/show_bug.cgi?id=620927 against 389-ds. The memberof plugin can currently only handle one source attribute and we have it configured for member. There can also only be one instance of the memberof plugin. There is no way to have it look at memberUser yet.
The bug is fixed in DS 1.2.7.a3 but isn't quite working yet. Here is my working patch:
diff --git a/install/share/memberof-conf.ldif b/install/share/memberof-conf.ldif index 189e16a..79ad647 100644 --- a/install/share/memberof-conf.ldif +++ b/install/share/memberof-conf.ldif @@ -2,4 +2,10 @@ dn: cn=MemberOf Plugin,cn=plugins,cn=config changetype: modify replace: nsslapd-pluginenabled nsslapd-pluginenabled: on +- +add: memberofgroupattr +memberofgroupattr: memberUser +- +add: memberofgroupattr +memberofgroupattr: memberHost
I'm getting loads of extra memberOf. Nathan is looking into it.
To test this:
apply memberof to memberuser and memberhost freeipa-rcrit-614-memberof.patch
This should resolve bug https://bugzilla.redhat.com/show_bug.cgi?id=655067
master: d824eee
Metadata Update from @admiyo: - Issue assigned to rcritten - Issue set to the milestone: FreeIPA 2.0 - 2010/11
Login to comment on this ticket.