In the SOGo documentation it states:
"Finally, SOGo supports LDAP-based groups. Groups must be defined like
any other
authentication sources (ie., canAuthenticate must be set to YES and a
group must have a valid
email address). In order for SOGo to determine if a specific LDAP entry
is a group, SOGo will
look for one of the following objectClass attributes :
group
groupOfNames
groupOfUniqueNames
posixGroup"
I have to ask why:
1. canAuthenticate must be set to YES
2. a group must have a valid email address
What if I have a group that is used only for addresses and not
authentication?
None of the objectClasses groupOfNames, groupOfUniqueNames, nor
posixGroup can have the 'mail' attribute set. The attributes one can set
are very limited. So this is not usable unless I apply for a PEN number
from IANA and create a schema which SUPerior is one of the above classes
and that allows one to set the 'mail' attribute.
It seems to be an awfully useful feature to be able to be able to invite
groups to a meeting, etc. However the above two limitations are
baffling. It would be usable immediately if those limitations were not
there. Now one has to wait for possibly days to receive a PEN and write
a schema.
Was this really thought through? Am I missing a more obvious solution?
Perhaps there is a way around this. I'd like to hear about it. If not, I
suggest removing those limitations. Otherwise this feature is only
usable by those willing to go through the trouble. Then again, even if
everyone was willing to go through the trouble, we'll have thousands of
schema just that extend one of groupOfNames, groupOfUniqueNames, or
posixGroup.
Awaiting some feedback. Thank you.
Simon
--
[email protected]
https://inverse.ca/sogo/lists
