[Date Prev][Date Next]
Re: memberOf attribute
"OpenLDAP Mailing List" <email@example.com> writes:
> The second case is much faster (assuming you make an equality index
> on memberOf).
Unless you have to chase referrals to complete the search, I presume.
> The hard part is assuring referential integrity.
The other hard part is now finding a way to delagate the
administration of the group.
With member or uniqueMember, it's easy.
On the other hand, exploding entries from the DN list is a real pig
and it is much easier to do in one shot with a search like you showed,
but remember the speed benefit may not be real unless your server is
self-contained and has everything in the same backend database.