Re: Too many default groups in Skolelinux' LDAP schema?
> torsdag 18. mars 2004, 10:45, skrev Herman Robak:
> > The LDAP frontend must (MUST!!!) enforce this
> > limitation, and warn the admin once it is encountered.
> > Failing silently is not an option.
> Correct. We have to limit the groups to the "person-groups" teacher
> (user), pupil (user), and administrator. It should be posible to
> "connect" the one or more teachers to a class, and the same for pupils.
> But they can only be a member of one class ...
I don't know if everyone knows this - so I'm going to inform anyway:
LDAP itself supports hierarchical groups - where a group can be a
member of one or more groups. For pure ldap-applications (e.g. web-based
systems) this will work fine - but nss_ldap does not support
hierarchical groups in LDAP.
Bjørn Ove Grøtan