[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: posixGroup

To: openldap-software@openldap.org, "Karen R McArthur" <kmcarthu@bates.edu>
Subject: Re: posixGroup
From: Shane <squindler@gmail.com>
Date: Wed, 9 May 2007 11:56:56 +0930
Content-disposition: inline
In-reply-to: <46409BB0.2040407@bates.edu>
References: <46409BB0.2040407@bates.edu>

This is the same basic problem I'm trying to solve (on list: rewrite
rule - turn groupOfNames into posixGroup)

I kind of like you're solution, despite the obvious duplication, of
putting both the uid and the dn into the memberuid field - at least
that way makes it a unified place for group management rather than
needing to maintain seperate posixGroup and groupOfNames lists.

A rewrite rule sounded ideal - pity it seems to be impossible. It
seemed like such a simple idea for requests to
cn=groupName,cn=posixGroups to select matching groupname from
cn=groupsOfNames, and return objectClass posixGroup and member: regex(
s/uid=(.*?),.*/\1/ ) ...and overlay was suggested as a possibility - I
have no idea how to start with that yet, even though the overlay idea
was suggested as also being not very nice it may be my best choice for
now if it works ...any pointers on where to start / examples? (pls
don't just recommend the man pages as I'll read them regardless)

short of overlays possibly working looks like we're stuck waiting for
all clients to move to the correct LDAP standard of using groupOfNames
and until then have to deal with duplication.

Shane.

Follow-Ups:
- Re: posixGroup
  - From: Shane <squindler@gmail.com>

References:
- posixGroup
  - From: Karen R McArthur <kmcarthu@bates.edu>

Prev by Date: Re: Delta-syncrepl and latency
Next by Date: Re: differend backends under one suffix
Index(es):
- Chronological
- Thread