Issue #17903 has been updated by Adrien Thebo. Status changed from Unreviewed to In Topic Branch Pending Review Target version set to 3.x Branch set to https://github.com/puppetlabs/puppet/pull/1310
---------------------------------------- Feature #17903: The LDAP group provider is hard-coded to manage posixGroup and it's member attribute https://projects.puppetlabs.com/issues/17903#change-82690 Author: Neil Hemingway Status: In Topic Branch Pending Review Priority: Normal Assignee: Neil Hemingway Category: provider Target version: 3.x Affected Puppet version: 2.7.20 Keywords: Branch: https://github.com/puppetlabs/puppet/pull/1310 On redhat, it's useful to be able to manage also groupOfUniqueNames, with it's uniqueMember attribute. nss_ldap allows the uniqueMember attribute to be nested. This provides the ability to group users into organisational groups and functional groups can then be defined in terms of the organisational ones. For example the following LDIF provides for only having to manage user accounts once: cn=operations, ou=Groups, o=$myorg uniqueMember: uid=developer1, ou=People, o=$myorg uniqueMember: uid=developer2, ou=People, o=$myorg cn=developers, ou=Groups, o=$myorg uniqueMember: uid=sysadmin1, ou=People, o=$myorg uniqueMember: uid=sysadmin2, ou=People, o=$myorg cn=ssh_access, ou=Groups, o=$myorg uniqueMember: cn=operations, ou=Groups, o=$myorg uniqueMember: cn=developers, ou=Groups, o=$myorg would allow all four listed users ssh access to the system in question. The advantage is when developer3 comes along, adding them to the developers group automatically grants ssh access. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
