[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] Nested group

Title: Re: [ldapext] Nested group

Regardless of the implementation (which is not visible from the interface), the memberOf attribute contains a list of group and groupOfNames objects of which the object is a member. The server maintains the integrity of the respective member and memberOf attribute values when objects are added, moved or deleted.

This makes it simple toi answer the question, "of what groups is the object a member?"


--------------------------
Sent from Michael Liben's wireless handheld


-----Original Message-----
From: Luke Howard <lukeh@padl.com>
To: Liben, Michael (GTI)
CC: simo <idra@samba.org>; Howard Chu <hyc@highlandsun.com>; ldapext@ietf.org <ldapext@ietf.org>
Sent: Thu Sep 20 00:44:59 2007
Subject: Re: [ldapext] Nested group

Liben, Michael (GTI) wrote:
> In Active Directory, Microsoft maintains 'back link' attributes. One of
> these is memberOf. When an object is added or removed from a group, a
> process runs that updates the back link attribute on the object. If the
> member object is moved or deleted, another process updates the group's
> member attribute accordingly.
>  
This isn't quite correct. Linked references are maintained in a separate
table in the DIB, and returned dynamically at search time. The
background process you're referring to handles references (linked or
not) to entries in non-local partitions.

-- Luke

--
www.padl.com | www.lukehoward.com

This message w/attachments (message) may be privileged, confidential or proprietary, and if you are not an intended recipient, please notify the sender, do not use or share it and delete it. Unless specifically indicated, this message is not an offer to sell or a solicitation of any investment products or other financial product or service, an official confirmation of any transaction, or an official statement of Merrill Lynch. Subject to applicable law, Merrill Lynch may monitor, review and retain e-communications (EC) traveling through its networks/systems. The laws of the country of each sender/recipient may impact the handling of EC, and EC may be archived, supervised and produced in countries other than the country in which you are located. This message cannot be guaranteed to be secure or error-free. This message is subject to terms available at the following link: http://www.ml.com/e-communications_terms/. By messaging with Merrill Lynch you consent to the foregoing.
 
 

 

_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext