ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzatz_5.4.0.1/51/sec/secldapdyn.htm

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">

<title>Dynamic groups and nested group support</title>
</head>

<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>

<h6><a name="secldapdyn"></a>Dynamic groups and nested group support (Version 5.1.1 or later)</h6>

<p><em>Dynamic groups</em> contain a group name and membership criteria:</p> 

<ul>
<li>The group membership information is as current as the information on the user object.</li>
<li>Manually maintaining members on the group object is not necessary.</li>
<li>Dynamic groups are designed so application does not need a large amount of information from the directory to find out if someone is a member of a group.</li>
</ul> 

<p><em>Nested groups</em> enable the creation of hierarchical relationships that are used to define inherited group membership. A nested group is defined as a child group entry whose distinguished name (DN) is referenced by a parent group entry attribute.</p>

<p>Dynamic and nested groups simplify WebSphere Application Server - Express security management and increase its effectiveness and flexibility. You only need to assign a larger parent group if all nested groups share the same privilege. Assigning a role to a single parent group simplifies the runtime authorization table.</p>

</body>
</html>
Add readme and dist folders 2024-04-02 14:02:31 +00:00			`<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">`
			`<html>`
			`<head>`
			`<META http-equiv="Content-Type" content="text/html; charset=utf-8">`
			`<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">`

			`<title>Dynamic groups and nested group support</title>`
			`</head>`

			`<BODY>`
			`<!-- Java sync-link -->`
			`<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>`

			`<h6><a name="secldapdyn"></a>Dynamic groups and nested group support (Version 5.1.1 or later)</h6>`

			`<p><em>Dynamic groups</em> contain a group name and membership criteria:</p>`

			`<ul>`
			`<li>The group membership information is as current as the information on the user object.</li>`
			`<li>Manually maintaining members on the group object is not necessary.</li>`
			`<li>Dynamic groups are designed so application does not need a large amount of information from the directory to find out if someone is a member of a group.</li>`
			`</ul>`

			`<p><em>Nested groups</em> enable the creation of hierarchical relationships that are used to define inherited group membership. A nested group is defined as a child group entry whose distinguished name (DN) is referenced by a parent group entry attribute.</p>`

			`<p>Dynamic and nested groups simplify WebSphere Application Server - Express security management and increase its effectiveness and flexibility. You only need to assign a larger parent group if all nested groups share the same privilege. Assigning a role to a single parent group simplifies the runtime authorization table.</p>`

			`</body>`
			`</html>`