directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fu-Tung Cheng <futung.ch...@yahoo.com>
Subject memberOf Algorithm
Date Fri, 16 May 2008 18:19:19 GMT
Hi,

I was hoping someone could help me out with an ldap query.

I am trying to implement the member of Algorithm

http://middleware.internet2.edu/dir/groups/docs/internet2-mace-dir-groups-best-practices-200210.htm#_memberOf_Algorithm

but I am not sure how to get all memberships for a particular user.

My ds tree looks like this:

organization
project1 project2
read, write (per project)

then with the unique members in each of read, write

so I guess what i need to do is a 2 part query where I get all projects where a user has permissions
and then a 2nd query where i get all permission the user has on a project.

Is this a sane way to model the directory structure and permissions?   What would my query
look like for all projects where the user is a uniquemember of a permission?  

the user would be a person object that is a unique member of the project1 write group and
the project2 read group for instance.

If there is a link for a tutorial on how to do this kind of thing that would be great as well
or a better place to post this kind of question.

Or even a good dead-tree reference.

Thanks again,

Fu-Tung







      



      


Mime
View raw message