[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: nested groups in Openldap
>>i want to use nested groups with nss-ldap.
>>
>>I have two questions:
>> > Is it possible to realize this in Openldap? Which objectClass do I
>> need
>>and which parammeters must I configure?
>
> One can store nested group objects in a directory hosted by slapd(8).
> Whether or not nested group objects are supported by any particular
> application is up to that application. (slapd(8), itself, as an
> application of the directory, doesn't (for instance, in "by group"
> access clauses).
Just for the records: there's a workaround, you can use nested groups in
slapd's access control by means of sets; see
<http://www.openldap.org/faq/data/cache/1133.html>, something like
access to *
by set="user & [cn=group]/member*" read
Use with care. This doesn't answer your question, though.
p.
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497