Le 20.01.2012 00:45, Howard Chu a ÃcritÂ:
Felipe Augusto van de Wiel wrote:Hello,
Hi
On 19-01-2012 15:14, Howard Chu wrote:Dunno. IMO most people using memberOf are misusing the data model anyway, so it's of little interest.Out of curiosity (and because I do try to avoid misusing the data model), why in your opinion memberOf represents a misuse?There are two common operations on a group: list all the members, and see if user X is a member of a group. For the first case, just retrieve the group entry and look at its member attribute. For the second case, just do a Compare on the group and test the member attribute against the user's DN.
I could see a 3rd use case : User management.When you administer the profile of a user, you simply query the LDAP entry of the user and you get all of his information, including the complete list of his groups (with a single LDAP request).
That's a use case, and I recon that it can be achieved by performing one more LDAP request to lookup for group membership of this particular user.
Sincerely, Mathieu.
Kind regards, - -- Felipe Augusto van de Wiel<felipe.wiel@hpp.org.br> Tecnologia da InformaÃÃo (TI) - Complexo Pequeno PrÃncipe http://www.pequenoprincipe.org.br/ T: +55 41 3310 1747
-- Mathieu MILLET mailto:ldap@htam.net