[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Groups



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Digant Kasundra wrote:
| Hello everyone,
|
| When using group restrictions in ACLs or when using dynamic groups, does
| OpenLDAP expect group entries to be of objectClass groupOfNames, or
does it
| only require entries to have the member attributes.
|

Wrong questions ...

| The reason I ask is because I need to two "methods" of grouping:
posixGroups
| and groupOfNames styles.  Since both are structural, I was hoping to
make a
| new objectclass that would be AUX and allow for the member attribute
| (because posix searches *have* to be objectclass posixGroup according
to the
| RFC).

The problem though is that the memberUid attribute is a username (not a
DN), which openldap can't do very much with ...

There is a schema around which allows a single DN to be both
groupOfNames and posixGroup, but it doesn't solve the above problem ...
(memberUid vs member).

Regards,
Buchan

- --
Buchan Milne                      Senior Support Technician
Obsidian Systems                  http://www.obsidian.co.za
B.Eng                                RHCE (803004789010797)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBBixbrJK6UGDSBKcRAoGsAJ9FhU2p7lfmFbqsWj5TE8814cUIbgCgkGHq
rUE9SoMpsCxQQ1ncXZjgnNk=
=ObSP
-----END PGP SIGNATURE-----