ACI to avoid nested groups
Hello there,
We are having Sun ONE 5.2 Patch4 on Solaris 8. The following is my issue..
1. Application is adding a group name as a uniqueMember to the same group. for e.g
dn: cn=Group-Test,o=domain,dc=com
uniqueMember: cn=Group-Test,o=domain,dc=com
can anyone tell me how to avoid this happening in LDAP?
Is it possible to create a ACI to avoid such incidents?
Thanks for anyone response.
SS
[446 byte] By [
sharmy28a] at [2007-11-27 8:35:26]
# 1
It might be possible to do this with an ACI, but it might be an overkill... You may want to check the Directory Server documentation, Reference Guide on the ACI if I recall correctly. There is an ACI example for allowing self addition / deletion in a group.
The ACI you want is similar, but the value is not self but the DN of the group itself.
It should be also possible to avoid hardcoding the group DN by the use of Macro ACI... although it might impact performances.
Regards,
Ludovic.
