1 Reply Latest reply on Dec 11, 2007 1:37 PM by ajohnson1200

    Dynamic LDAP Groups in Clearspace?

       

      Best practice for LDAP implementation is to use different attributes on individual entries in order to dynamically control group membership.

       

       

      For example: inetOrgPerson might have

       

       

      partner: true / false

       

       

      And then group membership in a partner group is determined by the filter (partner=true), as an ACL

       

       

      However, Clearspace X doesn't appear to support this.  LDAP groups, within the product leverage the groupOfUniqueNames type and expect attibutes like uniquemember to determine who the members are.

       

       

      Is there a way to leverage these dynamic groups inside Clearspace X, or am I stuck with static groups, which have performance and replication issues associated with them.

       

       

      I noticed that the LDAP Groups admin set up has a group filter option, but that seems to just filter out which static groups can be used, not allow dynamic groups