Novell Home

Using and Managing Dynamic Groups

Novell Cool Solutions: Feature
By Haripriya S, Jaimon Jose, Jim Sermersheim

Digg This - Slashdot This

Posted: 16 Apr 2002
 

Earlier this year, we looked into Dynamic Groups in this article: Group Management Eating Your Day? Try Dynamic Groups. Now that we all understand the basic principles, there's a new AppNotes article designed to take us to a next level.

Here's how to get to the full article:
http://developer.novell.com/research/appnotes/2002/april/05/a020405.htm

Here's an outline of what's covered:

  • Introduction to Dynamic Groups
  • Features of Dynamic Groups
  • Managing and Using Dynamic Groups Through LDAP
  • Example LDAP Commands and LDIF Data for Dynamic Groups Operations
  • Performance Considerations
  • Other Things to Remember

Here's an excerpt:

In Novell eDirectory, Group objects are used to define a set of other Directory objects; the objects listed in the group are called the members of the group. You may have created groups of members for the purposes of single-point rights allocation, mail distribution lists, role-based policies, and so on. Before Novell eDirectory v8.6.1, the only way to build the membership list of a group was to explicitly add each member.

Consider an organization that uses group membership lists to control access to its facilities. If a group holding all employees in the Marketing department is used to grant access to a particular facility, and an employee moves from Marketing to Sales, there is extra maintenance involved in updating the Directory. In addition to changing the department attribute of the employee, the administrator has to remove the employee from the group and add him/her as a member of another group. The more groups an employee is part of, the higher the maintenance cost becomes when changes happen.

To ease the administrative task of group maintenance, Novell eDirectory v8.6.1 has introduced the concept of dynamic groups. Dynamic groups let you specify the members of a group using a search filter. The members of a dynamic group are computed dynamically by the eDirectory server(s) whenever the groups are accessed or evaluated. This makes it easier for a user to group objects together because membership can be based on a certain criterion, without having to manually add each member to the Group object.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell