[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: "add user to group" validation
Héctor Miranda wrote:
Hi all, just a question.
Is it possible in LDAP (OpenLDAP) that the directory (the schema itself or
by any other mean) validates the existence of a user when someone is trying
to add it into a group?? Thereby, disallowing this "add to group" if such
user doesn't exists.
Applications should take care of that; as an alternative, you could
write an overlay,
or a slaapi module that does that for you. A careful implementation
would not only
look at group membership modifications, but also at entry
deletion/renaming, to
keep the group memberships in sync with the status of the entries
managed by the DSA.
Note that, in a distributed environment, members do not need to be
physically stored
on the same DSA, and, in general, for one server, group members do not
need to be
in the same database, so such a general tool would be a nightmare. In
this sense, it
is your application, or your specific module/overlay, that should take
care of your
specific needs.
p.
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497