[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Creating empty groupOfUniqueNames..

To: Michael Ströder <michael@stroeder.com>
Subject: Re: Creating empty groupOfUniqueNames..
From: Pierangelo Masarati <ando@sys-net.it>
Date: Tue, 14 Dec 2004 14:13:02 +0100
Cc: openldap-software@OpenLDAP.org
References: <004e01c4e0e2$80113aa0$9db30b44@dpboxen> <56708.131.175.154.56.1103011680.squirrel@131.175.154.56> <41BEBD2B.6020703@stroeder.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003

Michael Ströder wrote:

Pierangelo Masarati wrote:
I want to create a set of groups that will be used for authorization purposes. To me, it seems that a groupOfNames or groupOfUniqueNames will best serve this purpose. (Better suggestions?) However, both object classes require at least one member attribute. There will be times though when a member is not known. How do you handle this?
Right now I create all groups with an invalid member attribute:
member: cn=invalid,dc=..,dc=..
Does this break any convention? Is there a better way to handle this?
what I usually do is add the DN of the group itself.
Hmm, this could lead to problems with software which resolves nested groups.

A software that isn't able to trace such a simple loop is likely to fail whatever trick you use.

p.

   SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

References:
- Creating empty groupOfUniqueNames..
  - From: <fuser9bb@hotpop.com>
- Re: Creating empty groupOfUniqueNames..
  - From: "Pierangelo Masarati" <ando@sys-net.it>
- Re: Creating empty groupOfUniqueNames..
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: how can add an encoded LDIF by ldapmodify
Next by Date: RE: 3 database multimaster
Index(es):
- Chronological
- Thread