[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Dynlist and dyngroup

--On Tuesday, December 13, 2005 8:14 AM +0100 Eudes LEDUCQ <LEDUCQ@hec.fr> wrote:


is some one can explain me for what Dynlist and Dyngroup are use, what
is the difference between a simply group (groupOfName) ? I need to
create groups in my directory and I don't know what I must use to do

I want to have a group by application, and put the users of each
applications in groups. Then I want to simply test when the user
authenticate himself  in which group he is.

dynlist/dyngroup allow you to create groups from attributes present in entries, rather than using a static list of members.

For example, I could have something like:

dn: uid=joe,cn=people,dc=my,dc=domain
groupAttr: admins
groupAttr: users
groupAttr: staff

Then I could have a dynamic group definition that made it so everyone with "groupAttr=staff" a member of that particular group. If they lose that attribute from their entry, they are no longer in that group. If they gain it, they are.


Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html