[389-users] dynamic group expansion: writing a patch...
Rich Megginson
rmeggins at redhat.com
Tue May 18 15:48:26 UTC 2010
Roberto Polli wrote:
> On Tuesday 18 May 2010 16:28:48 Rich Megginson wrote:
>
>> ...I would start with the member of plugin code.
>>
> I'll take a look.
>
> do you think it will be better to extend memberof plugin or play directly into
> the group entry
>
not sure what you mean by "play directly into the group entry"
You might be able to do this by extending the member of plugin. With
dynamic groups, you will probably still want to have the member of
functionality, and it should work with member of when using static
groups too.
static group:
cn=groupA,....
objectclass: groupOfNames
member: uid=foo,... <- static member - must add/delete manually
member: uid=bar,... <- static member - must add/delete manually
dynamic group:
cn=groupB,...
objectclass: groupOfDynNames <- need new objectclass that has both url
specifier attribute and member attribute
memberURL: ldap:///ou=people?sub?(ou=myorg) <- specifies which entries
are members
member: uid=foo,... <- dynamic member - plugin adds this
member: uid=bar,... <- dynamic member - plugin adds this
uid=foo,ou=people,...
ou: myorg
memberof: cn=groupA,.... <- plugin adds this
memberof: cn=groupB,.... <- plugin adds this
> thx+Peace,
> R.
>
>
More information about the 389-users
mailing list