[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
[no subject]
Dear all,
I have to develop a directory for multiple groups. Each group has different access control rights. If a user is a member of several groups, which access control right should he have? Does he have the greatest right among all group (say, the write right is greater than the read)?
For example, John is a member of sales group and a member of senior manager group (see the table).
__________________________________________
John DN: uid = john, ou = staff, dc=abc, dc=com
He has right to compare customer information
__________________________________________
Sales DN: ou=sales, dc=abc, dc=com
member: uid = john, ou = staff, dc=abc, dc=com
This group has right to read customer information
__________________________________________
Sales DN: ou=senior manager, dc=abc, dc=com
member: uid = john, ou = staff, dc=abc, dc=com
This group has right to write customer information
__________________________________________
When John logins , what is the access right of John?