[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Groups
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Digant Kasundra wrote:
| Hello everyone,
|
| When using group restrictions in ACLs or when using dynamic groups, does
| OpenLDAP expect group entries to be of objectClass groupOfNames, or
does it
| only require entries to have the member attributes.
|
Wrong questions ...
| The reason I ask is because I need to two "methods" of grouping:
posixGroups
| and groupOfNames styles. Since both are structural, I was hoping to
make a
| new objectclass that would be AUX and allow for the member attribute
| (because posix searches *have* to be objectclass posixGroup according
to the
| RFC).
The problem though is that the memberUid attribute is a username (not a
DN), which openldap can't do very much with ...
There is a schema around which allows a single DN to be both
groupOfNames and posixGroup, but it doesn't solve the above problem ...
(memberUid vs member).
Regards,
Buchan
- --
Buchan Milne Senior Support Technician
Obsidian Systems http://www.obsidian.co.za
B.Eng RHCE (803004789010797)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBBixbrJK6UGDSBKcRAoGsAJ9FhU2p7lfmFbqsWj5TE8814cUIbgCgkGHq
rUE9SoMpsCxQQ1ncXZjgnNk=
=ObSP
-----END PGP SIGNATURE-----
- References:
- Groups
- From: Digant Kasundra <digant@uta.edu>