[Fedora-directory-users] Which is better - attribute of type dn or multivalued attribute?
Hi,
In our schema we need to have users who will belong to multiple groups. These groups are independent groups and do not have any parent child relationship. So while defining the ObjectClass for my user i have two options:
1) Have an attribute called - isMemberOf and make it of type distinguishedName. This will be a list of all groups to which a user belongs.
2) Have a multivalued attribute - groupName.
which option makes more sense. Assume the functionalities that i need to support are: 1) Search all users belonging to a group 2) edit a user to add/remove a group from profile 3) Delete all the users belonging to a group
regards, Ankur
--------------------------------- Cheap Talk? Check out Yahoo! Messenger's low PC-to-Phone call rates.
In our schema we need to have users who will belong to multiple groups. These groups are independent groups and do not have any parent child relationship. So while defining the ObjectClass for my user i have two options:
- Have an attribute called - isMemberOf and make it of type
distinguishedName. This will be a list of all groups to which a user belongs.
- Have a multivalued attribute - groupName.
which option makes more sense. Assume the functionalities that i need to support are:
- Search all users belonging to a group
- edit a user to add/remove a group from profile
- Delete all the users belonging to a group
That's really totally up to you, and what makes sense for you and the apps your LDAP server needs to support. Either way has pros and cons, and you'll need to weigh those and figure out which one works best in your particular situation.
Ankur Agarwal wrote:
Hi,
In our schema we need to have users who will belong to multiple groups. These groups are independent groups and do not have any parent child relationship. So while defining the ObjectClass for my user i have two options:
- Have an attribute called - isMemberOf and make it of type
distinguishedName. This will be a list of all groups to which a user belongs.
- Have a multivalued attribute - groupName.
which option makes more sense. Assume the functionalities that i need to support are:
- Search all users belonging to a group
- edit a user to add/remove a group from profile
- Delete all the users belonging to a group
Check out the Roles feature - http://www.redhat.com/docs/manuals/dir-server/ag/7.1/roles.html#1115402
regards, Ankur
Cheap Talk? Check out http://us.rd.yahoo.com/mail_us/taglines/postman8/*http://us.rd.yahoo.com/evt=39663/*http://voice.yahoo.com Yahoo! Messenger's low PC-to-Phone call rates.
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
389-users@lists.fedoraproject.org
-
Ankur Agarwal -
Morris, Patrick -
Rich Megginson