[Date Prev][Date Next]
Re: memberOf as misuse of data model
On 01/20/2012 06:49 AM, Mathieu MILLET wrote:
Le 20.01.2012 00:45, Howard Chu a Ãcrit :
Felipe Augusto van de Wiel wrote:
On 19-01-2012 15:14, Howard Chu wrote:
Dunno. IMO most people using memberOf are misusing the data model
anyway, so it's of little interest.
Out of curiosity (and because I do try to avoid misusing the data
model), why in your opinion memberOf represents a misuse?
There are two common operations on a group: list all the members, and
see if user X is a member of a group. For the first case, just
retrieve the group entry and look at its member attribute. For the
second case, just do a Compare on the group and test the member
attribute against the user's DN.
I could see a 3rd use case : User management.
When you administer the profile of a user, you simply query the LDAP
entry of the user and you get all of his information, including the
complete list of his groups (with a single LDAP request).
That's a use case, and I recon that it can be achieved by performing one
more LDAP request to lookup for group membership of this particular user.
does the trick.
Dipartimento di Ingegneria Aerospaziale
Politecnico di Milano