openldap支持memberof

[dev] [root@dev-bigdata-haproxy memof]# cat memof.ldif
dn: cn=module,cn=config
cn: module
objectClass: olcModuleList
olcModuleLoad: memberof.la
olcModulePath: /usr/lib64/openldap

dn: olcOverlay={0}memberof,olcDatabase={2}hdb,cn=config
objectClass: olcConfig
objectClass: olcMemberOf
objectClass: olcOverlayConfig
objectClass: top
olcOverlay: memberof
olcMemberOfDangling: ignore
olcMemberOfRefInt: TRUE
olcMemberOfGroupOC: groupOfNames
olcMemberOfMemberAD: member
olcMemberOfMemberOfAD: memberOf




[dev] [root@dev-bigdata-haproxy memof]# cat refint1.ldif
dn: cn=module{0},cn=config
add: olcmoduleload
olcmoduleload: refint




[dev] [root@dev-bigdata-haproxy memof]# cat refint2.ldif
dn: olcOverlay={1}refint,olcDatabase={2}hdb,cn=config
objectClass: olcConfig
objectClass: olcOverlayConfig
objectClass: olcRefintConfig
objectClass: top
olcOverlay: {1}refint
olcRefintAttribute: memberof member manager owner

[dev] [root@dev-bigdata-haproxy-2 myconf]# ldapadd -Q -Y EXTERNAL -H ldapi:/// -f memof.ldif
adding new entry "cn=module,cn=config"

adding new entry "olcOverlay={0}memberof,olcDatabase={2}hdb,cn=config"

[dev] [root@dev-bigdata-haproxy-2 myconf]# ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f refint1.ldif
modifying entry "cn=module{0},cn=config"
[dev] [root@dev-bigdata-haproxy-2 myconf]# ldapadd -Q -Y EXTERNAL -H ldapi:/// -f refint2.ldif

adding new entry "olcOverlay={1}refint,olcDatabase={2}hdb,cn=config"

[dev] [root@dev-bigdata-haproxy memof]# ldapsearch -LL -Y EXTERNAL -H ldapi:/// "(uid=xuexianmao)" -b dc=kingxunlian,dc=com memberOf
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
version: 1

dn: uid=xuexianmao,ou=People,dc=kingxunlian,dc=com
memberOf: cn=Kylin_Admin_Group,ou=Group,dc=kingxunlian,dc=com
memberOf: cn=azkaban-ldap-group,ou=Group,dc=kingxunlian,dc=com
memberOf: cn=Admin,ou=Group,dc=kingxunlian,dc=com