[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Groups

To: Buchan Milne <bgmilne@obsidian.co.za>
Subject: RE: Groups
From: Digant Kasundra <digant@uta.edu>
Date: Tue, 27 Jul 2004 10:18:20 -0500
Cc: openldap-software@OpenLDAP.org

> The problem though is that the memberUid attribute is a 
> username (not a DN), which openldap can't do very much with ...
> 
> There is a schema around which allows a single DN to be both 
> groupOfNames and posixGroup, but it doesn't solve the above 
> problem ... (memberUid vs member).
> 

Well, I don't mind the memberUid vs member problem b/c I don't really mind
having both attributes in the same entry.  I'd rather have duplicated
information the same entry than have duplicated information in two different
entries in two different branches.

So, I assume that OpenLDAP doesn't require the objectclass to be
groupOfNames in order for the group functions to work.  In which case, I can
go ahead with making the objectclasses posixGroup (since NSS *does* require
the objectclass to be posixGroup) and add an auxilliary objectclass that
will allow for the member attribute.

I'm hoping if this won't work, someone will have tried to stop me by now.
;-)

-- DK

Follow-Ups:
- Re: Groups
  - From: Buchan Milne <bgmilne@obsidian.co.za>

Prev by Date: Re: slurpd setup
Next by Date: Re: ldap.conf - What's it for?
Index(es):
- Chronological
- Thread