Hi, Wondering about the best way to map an ldap hierarchy in 2.0.8...
Use Case: ----------- All P and S entities are instances of 'groupOfNames' ObjectClasses, with DNs like: cn=P1,ou=groups,dc=ldap,dc=example,dc=com cn=S3,cn=P1,ou=groups,dc=ldap,dc=example,dc=com cn=S3,cn=P2,ou=groups,dc=ldap,dc=example,dc=com I considered a flat mapping of users to each of the “P” level and “S” level, however that confounds the requirements. For example, if UserA is a member of S3 and P2, and also S2 and P1, a flatter User-to-Group mapping would not be able to distinguish the restriction of UserA from S3/P1 stuff. Only a pre-existing relationship between P and S level, that is then, in turn, mapped to the user seems to suffice. What is the most effective method for mapping this hierarchy in Syncope 2.0.8? Is there a jexl expression for ObjectLink which would preserve this relationship “as is” with a “cn” or each level (i.e., DN=“cn=S3,cn=P1,ou…?” or DN=“cn=S4,cn=P1,ou…”) Is “realms” the way to go, perhaps mapping all “P” levels to realms and “S” levels to GROUP types? Are custom anytypes (e.g., “P AnyType” an “S AnyType”) applicable? Some other option? You're doing it wrong? Any insight you can provide will be most helpful. Thanks! Dave ----- http://analgesicsolutions.com http://github.com/Novarts/YADA -- Sent from: http://syncope-user.1051894.n5.nabble.com/
