[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Creating empty groupOfUniqueNames..

To: ando@sys-net.it
Subject: Re: Creating empty groupOfUniqueNames..
From: Michael Ströder <michael@stroeder.com>
Date: Tue, 14 Dec 2004 11:15:07 +0100
Cc: openldap-software@OpenLDAP.org
In-reply-to: <56708.131.175.154.56.1103011680.squirrel@131.175.154.56>
References: <004e01c4e0e2$80113aa0$9db30b44@dpboxen> <56708.131.175.154.56.1103011680.squirrel@131.175.154.56>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040913

Pierangelo Masarati wrote:

I want to create a set of groups that will be used for authorization
purposes. To me, it seems that a groupOfNames or groupOfUniqueNames will
best serve this purpose. (Better suggestions?) However, both object
classes
require at least one member attribute. There will be times though when a
member is not known. How do you handle this?

Right now I create all groups with an invalid member attribute:

member: cn=invalid,dc=..,dc=..

Does this break any convention? Is there a better way to handle this?

what I usually do is add the DN of the group itself.


Hmm, this could lead to problems with software which resolves nested groups.

Ciao, Michael.

Follow-Ups:
- Re: Creating empty groupOfUniqueNames..
  - From: Pierangelo Masarati <ando@sys-net.it>

References:
- Creating empty groupOfUniqueNames..
  - From: <fuser9bb@hotpop.com>
- Re: Creating empty groupOfUniqueNames..
  - From: "Pierangelo Masarati" <ando@sys-net.it>

Prev by Date: Re: Creating empty groupOfUniqueNames..
Next by Date: Re: how can add an encoded LDIF by ldapmodify
Index(es):
- Chronological
- Thread