Table of Contents
Advertisement
Chapter 4. Managing Directory Server Users and Groups
6. Click OK.
4.2.2. Groups
A group consists of users who share a common attribute or are part of a list. Red Hat Directory Server
supports three types of groups: static, dynamic, and certificate. Each group differs by the way in which
users, or members, are added to it:
• A static group has members who are manually added to it, so it is static because the members do
not change unless an administrator manually adds or removes users.
• A dynamic group automatically includes users based on one or more attributes in their entries; the
attributes and values are determined using LDAP URLs. For example, a dynamic group can use
an LDAP filter which searches for entries which contain the attributes and values st=California
and department=sales. As entries are added to the directory with those two attributes, the users
are automatically added as members to the dynamic group. If those attributes are removed from the
entry, the entry is removed from the group.
• A certificate group includes all users who have a specific attribute-value pair in the subject
name of the certificate. For example, the certificate group could be based on having the string
st=California,ou=Sales,ou=West in the subject name. If a user logs onto a server using a
certificate with those attributes in his certificate, the user is automatically added to the group and is
granted all of the access privileges of that group.
To create a group:
36
Advertisement
Table of Contents
