[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: memberOf attribute

To: openldap-software@OpenLDAP.org
Subject: Re: memberOf attribute
From: Julio Sanchez Fernandez <j_sanchez@stl.es>
Date: 19 Nov 2001 18:06:56 +0100
In-reply-to: <3F56FC4223C94F40B32C892473429C880225C5@senegal.corp.kogz.com>
References: <3F56FC4223C94F40B32C892473429C880225C5@senegal.corp.kogz.com>
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.1

"OpenLDAP Mailing List" <openldap@kogz.com> writes:

> The second case is much faster (assuming you make an equality index
> on memberOf).

Unless you have to chase referrals to complete the search, I presume.

> The hard part is assuring referential integrity.

The other hard part is now finding a way to delagate the
administration of the group.

With member or uniqueMember, it's easy.

On the other hand, exploding entries from the DN list is a real pig
and it is much easier to do in one shot with a search like you showed,
but remember the speed benefit may not be real unless your server is
self-contained and has everything in the same backend database.

Julio

References:
- RE: memberOf attribute
  - From: "OpenLDAP Mailing List" <openldap@kogz.com>

Prev by Date: Re: LDAP API to get the search base
Next by Date: Re: boolean attribute problem
Index(es):
- Chronological
- Thread