I am posting this to the UMICH ldap list, for I think this is more general list vs. posting it to openldap list. Apologies if I am posting this to the wrong list.
I am looking into if it is better to use an attribute or a group (groupofuniqnames) for maintaining a list of people in a certain group. If I have a group, say projectaccess, and I want to put maybe 2000 users in that group. Would it be better to have dn:uid=userA,dc=xyz,dc=com cn:UserA Doe ... projectaccess=1 dn:uid=userB,dc=xyz,dc=com cn:UserB Smith ... projectaccess=1 dn:uid=userC,dc=xyz,dc=com cn:UserC Jones ... projectaccess=0 Or: ou=Groups,dc=xyz,dc=com ou: Groups objectClass: organizationalUnit dn:cn=projectaccess,dc=xyz,dc=com objectClass:groupofUniqnames objectClass:posixGroup uid=userA,dc=xyz,dc=com uid=userB,dc=xyz,dc=com cn:projectaccess What are the pros/cons of the two ways listed above from the point of ldap (we use openldap) handling them to looking at it pragmatically (programming code). Thanks! --- You are currently subscribed to [email protected] as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
