30 Oct
2010
30 Oct
'10
2:57 a.m.
Hi,
Is there some kind of way to get acl_groups out of LDAP without having to maintain an entry with a list of groups 'a,b,c' and so on?
Our groups have a list of 'member' attributes with CNs pointing at users. Ideally there would be a way to look this up directly.
Alternately I could perhaps use an OpenLDAP overlay to show 'group' attributes for each user's ldap entry. I would then like to be able to tell it to get all 'group' attributes and comma-separate them.
The best option I've seen so far is something like http://www.dovecot.org/list/dovecot/2010-March/047731.html which seems to involve a completely separate LDAP session from a login script.
Thanks in advance for any help,
Ian