[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Help: LDAP using alias to reference value of another attribute

To: Michael Ströder <michael@stroeder.com>, Poul Etto <zepouletto@gmail.com>, openldap-technical@openldap.org
Subject: Re: Help: LDAP using alias to reference value of another attribute
From: Quanah Gibson-Mount <quanah@zimbra.com>
Date: Fri, 10 Apr 2015 14:18:51 -0700
Content-disposition: inline
Dkim-filter: OpenDKIM Filter v2.9.2 edge01.zimbra.com 2AF5B442C9
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zimbra.com; s=C2AA288C-EE47-11E2-9BB0-E820BDD9BDBF; t=1428700739; bh=ENkrrjEIkYskkrDdLUcLZQCVJL7x5veMhfoAWy8RU18=; h=Date:From:To:Subject:Message-ID:MIME-Version:Content-Type: Content-Transfer-Encoding; b=oECUIRblyr+X1re0f5fVEa6oPzXJ1BfB0JEppGqWfQQmvBZDyd0LGRkvqaHge3NGu WqPV5rmHdninxXdFUPHAL/I/V7esA0kpUzyE+lQTCJa1QtGrAQDuxhEI46E0bDCtmw /ve1Pz/0I4L6r9ZMdLHqRaQ+i1MwZ8tl3KYuMnFA=
In-reply-to: <552836EC.3020402@stroeder.com>
References: <CAGCN28dL17hcuz3e3UHMkD94_r+xrmX7U=F4qn0pjs9OXPCu8Q@mail.gmail.com> <5526B4CE.6030900@stroeder.com> <CAGCN28fH0PT-Qpk1Mr-6iOHfmCr0QuR-Egzsyve98=OgvOaXWw@mail.gmail.com> <552836EC.3020402@stroeder.com>

--On Friday, April 10, 2015 11:47 PM +0200 Michael Ströder<michael@stroeder.com> wrote:

Poul Etto wrote:

Thank you for answers...

Michael: We didn't know about it... We need such a structure as each of
our employees has an account but does not always have access to all our
services (and there really are many), so we prefered spliting everything
in different OUs.


You should use group entries for authorization. I'm also using
slapo-memberof which automatically adds back link attribute 'memberOf' to
group member entries. This gives you best flexibility with most LDAP
enabled applications.

Or you can use slapo-dyngroup with the method I laid out, much moreeffective IMHO.


--Quanah



--

Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration

References:
- Help: LDAP using alias to reference value of another attribute
  - From: Poul Etto <zepouletto@gmail.com>
- Re: Help: LDAP using alias to reference value of another attribute
  - From: Michael Ströder <michael@stroeder.com>
- Re: Help: LDAP using alias to reference value of another attribute
  - From: Poul Etto <zepouletto@gmail.com>
- Re: Help: LDAP using alias to reference value of another attribute
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: Help: LDAP using alias to reference value of another attribute
Next by Date: Where are 'attribute names' in the RFC?
Index(es):
- Chronological
- Thread