Because it relies on a user having multiple memberof attributes to describe their group membership. This is OK if thats how you do group membersip, but I already protect various bits of the directory using OpenLDAP's group scheme - a seperate group object that contains multiple member attributes, each being the DN of the 'subscriber'. I don't want to support multiple group schemes if I can at all avoid it.I have determined that the way its currently setup (the ldap ptloader)
won't do what I want, so I am in the process of rewriting it for my needs.
Interesting. Why is that? (Not using it myself right now, but would like to at some point.)
I hope I didn't come off sounding like a jerk. I really don't mind doing the work. It'd be twice as nice if others were interested, but if not thats ok too ;-) I'd just like to see the API docs, or at least some notes, if they exist. This is one of the major things that I really wanted to see in Cyrus (external authorization). I'm excited!
Tim
