Michael Ströder wrote:
Pierangelo Masarati wrote:
I want to create a set of groups that will be used for authorization
purposes. To me, it seems that a groupOfNames or groupOfUniqueNames will
best serve this purpose. (Better suggestions?) However, both object
classes
require at least one member attribute. There will be times though when a
member is not known. How do you handle this?
Right now I create all groups with an invalid member attribute:
member: cn=invalid,dc=..,dc=..
Does this break any convention? Is there a better way to handle this?
what I usually do is add the DN of the group itself.
Hmm, this could lead to problems with software which resolves nested groups.
p.
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497