Fran?ois Beretti wrote: > Thank you very much David, with roles and nested roles I can do > everything I describe in my mail. > > Now I want one more thing. > > I have a hardware appliance who authorize users by testing if they > belong to one given group, by retrieving the lists of the members of > the group. But in our data model, authorization are given through an > intermediary group belonging to several authorization groups.. > > I want that when getting the list of the members, the operation get > the users members of the groups members of this group. > > Is it possible to write or use some plugin to do this ? Can this application use a dynamic group? If so you can create a dynamic group that uses a role query in its filter. -- Pete -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3241 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20060508/8757c9bf/attachment.bin
