Op 29-12-2024 om 20:29 schreef Stefan Kania via samba:>
>
> Am 13.12.24 um 14:38 schrieb Kees van Vloten via samba:
>> There is one limitation I forgot to mention: in my config there is a
>> module "mr_passthru", it is required if you want to do
Microsoft
>> LDAP_MATCHING_RULE_IN_CHAIN queries, e.g. for nested group membership
>> lookups: "(memberof:1.2.840.113556.1.4.1941:=CN=...) ".
>>
>> Openldap does not support these by default.
>
> OpenLDAP supports nested groups via acl set ;-), without any aditional
> overlay
>
Did you manage to get that working (with this kind of ldap-proxy)?
If so, could you share some examples?
- Kees.