--On Friday, April 10, 2015 11:47 PM +0200 Michael Ströder
<michael(a)stroeder.com> wrote:
Poul Etto wrote:
> Thank you for answers...
>
> Michael: We didn't know about it... We need such a structure as each of
> our employees has an account but does not always have access to all our
> services (and there really are many), so we prefered spliting everything
> in different OUs.
You should use group entries for authorization. I'm also using
slapo-memberof which automatically adds back link attribute 'memberOf' to
group member entries. This gives you best flexibility with most LDAP
enabled applications.
Or you can use slapo-dyngroup with the method I laid out, much more
effective IMHO.
--Quanah
--
Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration