Two other questions on why it might be “slower”
to enumerate the members of a universal group. Since UGs are kept by GCs, are
your developers doing a query in a site with a GC? Are all of your DCs also
GCs? From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Creamer, Mark I’m not following Rick and Al on the
security factor. Why would using the attribute method be less secure, assuming
we control who can populate the attribute, the same as we control who can add
members to a group? Maybe I’m missing the point though…thanks for
your thoughts guys <mc> From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Boza
Personally,
I think they should have a look at why their queries take longer than they
want. Likely they are checking the memberof attribute to find out what
the group membership is, right? From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Creamer, Mark
|
Title: Re: [ActiveDir] groups vs attributes
- RE: [ActiveDir] groups vs attributes Passo, Larry
- RE: [ActiveDir] groups vs attributes Tony Murray
- RE: [ActiveDir] groups vs attributes Fugleberg, David A
- RE: [ActiveDir] groups vs attributes Gil Kirkpatrick
- RE: [ActiveDir] groups vs attributes Mulnick, Al
- RE: [ActiveDir] groups vs attributes Mulnick, Al
- RE: [ActiveDir] groups vs attributes Renouf, Phil
- RE: [ActiveDir] groups vs attributes Fugleberg, David A