On Mon, 2008-10-13 at 11:02 -0500, Dustin Puryear wrote: > Details were in short supply in that original email, agreed. > I'm a little confused why the traditional roles or group membership > model won't work here? I can see the need to create an aux or even > structural objectclass for the application information, but assigning > rights should be a snap and could use what is already there. > Or am I missing something?
Ditto, the above. And with the advantage that most [all?] LDAP tools understand groupOfNames and provide some support for group management.
