[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Dynamic Groups

To: Quanah Gibson-Mount <quanah@stanford.edu>
Subject: RE: Dynamic Groups
From: Elliot Metsger <emetsger@jhu.edu>
Date: Thu, 29 May 2003 14:30:30 -0400 (EDT)
Cc: Jeff Costlow <j.costlow@f5.com>, Tod Thomas <tthomas@chubb.com>, OpenLDAP-software@OpenLDAP.org
In-reply-to: <247427992.1054193194@cadabra-dsl.stanford.edu>

On Thu, 29 May 2003, Quanah Gibson-Mount wrote:
> --On Wednesday, May 28, 2003 10:24 AM -0700 Jeff Costlow <j.costlow@f5.com>
> wrote:
>
> > I don't know what iPlanet is doing, but this document has some good
> > stuff in it.
> > http://middleware.internet2.edu/dir/groups/draft-internet2-mace-dir-grou
> > ps-best-practices-01.html
>
> Interestingly enough, I wrote a note to OpenLDAP-software just a few days
> ago myself asking if it is possible to use dynamic groups in OpenLDAP-2.1.
> I've gotten 0 responses saying anything either way.  I'm not convinced you
> can't, but I'm not convinced you can, either.

I haven't read the MACE stuff in a while, but my understanding of "dynamic" groups was more a function of the
application using LDAP rather than the server software itself.

I guess in order to use dynamic groups in openldap on the server side means that you would be able to specify an
ldap url (which performs a search and uses the result as the group membership) as a group target instead of a dn
in slapd.conf?

Elliot

References:
- RE: Dynamic Groups
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Re: problem with ldap client on Solaris 8 box
Next by Date: Re: Dynamic Groups
Index(es):
- Chronological
- Thread