[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Too many default groups in Skolelinux' LDAP schema?

Knut Yrvin:
> torsdag 18. mars 2004, 10:45, skrev Herman Robak:
> > The LDAP frontend must (MUST!!!) enforce this
> > limitation, and warn the admin once it is encountered.
> > Failing silently is not an option.
> 
> Correct. We have to limit the groups to the "person-groups" teacher 
> (user), pupil (user), and administrator. It should be posible to 
> "connect" the one or more teachers to a class, and the same for pupils. 
> But they can only be a member of one class ...

I don't know if everyone knows this - so I'm going to inform anyway:
LDAP itself supports hierarchical groups - where a group can be a
member of one or more groups. For pure ldap-applications (e.g. web-based
systems) this will work fine - but nss_ldap does not support
hierarchical groups in LDAP.

-- 
Bjørn Ove Grøtan
Reply to: