Add documentation on ACL requirements for psuedo-attribute entryDN

author Quanah Gibson-Mount <quanah@openldap.org>

Tue, 10 Nov 2020 22:38:10 +0000 (22:38 +0000)

committer Quanah Gibson-Mount <quanah@openldap.org>

Tue, 10 Nov 2020 23:30:47 +0000 (23:30 +0000)
author Quanah Gibson-Mount <quanah@openldap.org>
Tue, 10 Nov 2020 22:38:10 +0000 (22:38 +0000)
committer Quanah Gibson-Mount <quanah@openldap.org>
Tue, 10 Nov 2020 23:30:47 +0000 (23:30 +0000)
diff --git a/doc/man/man5/slapo-dynlist.5 b/doc/man/man5/slapo-dynlist.5

index c10eb8a8d52a095eddf220e1a702e0dd2f841e02..a6f2d6af1606532d6ea9aee74951aa9d5da08207 100644 (file)
--- a/doc/man/man5/slapo-dynlist.5
+++ b/doc/man/man5/slapo-dynlist.5
@@ -143,6 +143,9 @@ to expand the group.
  Values of the 
  .B dgAuthz
  attribute must conform to the (experimental) \fIOpenLDAP authz\fP syntax.
+When using dynamic memberOf in search filters, search access to the
+.B entryDN
+pseudo-attribute is required.
  
  .SH EXAMPLE
  This example collects all the email addresses of a database into a single
@@ -221,7 +224,7 @@ attribute to all the members of a dynamic group:
  
  
  This example extends the dynamic memberOf feature to add the
-.B dgMemberOf
+.B memberOf
  attribute to all the members of both static and dynamic groups:
  .LP
  .nf
@@ -232,7 +235,7 @@ attribute to all the members of both static and dynamic groups:
      # ...
  
      overlay dynlist
-    dynlist\-attrset groupOfURLs memberURL member+dgMemberOf@groupOfNames
+    dynlist\-attrset groupOfURLs memberURL member+memberOf@groupOfNames
  .fi
  .LP
  This dynamic memberOf feature can fully replace the functionality of the
author	Quanah Gibson-Mount <quanah@openldap.org>
	Tue, 10 Nov 2020 22:38:10 +0000 (22:38 +0000)
committer	Quanah Gibson-Mount <quanah@openldap.org>
	Tue, 10 Nov 2020 23:30:47 +0000 (23:30 +0000)