On 05/18/2010 08:48 AM, Rich Megginson wrote: > Roberto Polli wrote: > >> On Tuesday 18 May 2010 16:28:48 Rich Megginson wrote: >> >> >>> ...I would start with the member of plugin code. >>> >>> >> I'll take a look. >> >> do you think it will be better to extend memberof plugin or play directly into >> the group entry >> >> > not sure what you mean by "play directly into the group entry" > > You might be able to do this by extending the member of plugin. With > dynamic groups, you will probably still want to have the member of > functionality, and it should work with member of when using static > groups too. > The difficult part is going to be making the memberOf plug-in work with dynamic groups. Is the idea to have the "member" attributes be virtual attributes that are generated on the fly when a client performs a search for the group? I'm not quite sure how this approach can be made to work with the memberOf plug-in since it is triggered by write operations that affect group membership. > static group: > cn=groupA,.... > objectclass: groupOfNames > member: uid=foo,...<- static member - must add/delete manually > member: uid=bar,...<- static member - must add/delete manually > > dynamic group: > cn=groupB,... > objectclass: groupOfDynNames<- need new objectclass that has both url > specifier attribute and member attribute > memberURL: ldap:///ou=people?sub?(ou=myorg)<- specifies which entries > are members > member: uid=foo,...<- dynamic member - plugin adds this > member: uid=bar,...<- dynamic member - plugin adds this > > uid=foo,ou=people,... > ou: myorg > memberof: cn=groupA,....<- plugin adds this > memberof: cn=groupB,....<- plugin adds this > >> thx+Peace, >> R. >> >> >> > -- > 389 users mailing list > 389-users at lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/389-users >
