[Date Prev][Date Next] [Chronological] [Thread] [Top]

Recursive Groups



I've been working hard on developing an ACL based on many of the examples
provided in the mail archives and faq for OpenLDAP. I wondering if anyone
has attempted an acl that would recursively check group memberships for
authentication/authorization.

What I'd like to do is:

dn: cn=group2,o=blaa
member: cn=group1,o=blaa
...

dn: cn=group1,o=blaa
member: uid=joe_user,o=blaa
...

dn: uid=joe_user,o=blaa
...

and have joe_user be authenticated as if a member of both group1 and group2.

Does anyone know if this is possible?

-Mark Diggory