One of those things I always had a love/hate relationship with in the
Netscape/Sun directory server was dynamic lists.
Loved 'em because you could create email lists and aci groups that were
self maintaining based on ldap filter criteria.
Hated 'em because no third party app's knew how to use them - most apps
see groups as groupofmembers or groupofuniquemembers with a list of dn's
in member/uniquemember.
It would be nice to have a dynamic group like Netscape's groupOfUrls
(i.e. an ldap url defines members), but have the members returned to
clients as uniquemembers of the group. In this way, you could create
dynamic groups that are much more useful.
For example, if I created:
cn: hr users
objectclass: top
objectclass: groupofuniquenames
objectclass; groupofurls
memberurl: ldap:///<basedn>??sub?(department=hr)
...
and did a search to retrieve it, the people that match the memberurl
would be returned dynamically as uniquemember values.
Issues I see with this:
1. Server load - if I have a lot of these groups and do a search that
returns all groupofurl entries, it could take a lot of resources to
generate that dynamically.
2. Assuming this is inherited from groupofuniquenames, what happens if
I add static members to uniquemember? I would say return the merged
list. How do we know if a value is static or dynamic, to do things like
removing a static member? We don't, but this is similar to the issues
using class of service where attributes are dynamically added.
(Actually, would it be possible to implement this using class of
service? Hmmm...)
- Jeff
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
