friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahy_5.4.0.1/rzahygpattr.htm

82 lines
4.9 KiB
HTML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="dc.language" scheme="rfc1766" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<meta name="dc.date" scheme="iso8601" content="2005-09-06" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow"/>
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<title>Directory Server (LDAP) - Group attribute types</title>
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
<link rel="stylesheet" type="text/css" href="ic.css" />
</head>
<body>
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
<a name="rzahygpattr"></a>
<h4 id="rzahygpattr">Group attribute types</h4>
<dl>
<dt class="bold">ibm-allGroups</dt>
<dd>Shows all groups to which an entry belongs. An entry can be
a member directly by the <span class="bold">member</span>, <span class="bold">uniqueMember</span>, or <span class="bold">memberURL</span> attributes,
or indirectly by the <span class="bold">ibm-memberGroup</span> attribute.
This <span class="bold">Read-only</span> operational attribute is not
allowed in a search filter. The <span class="bold">ibm-allGroups</span> attribute
can be used in a compare request to determine if an entry is a member of given
group. For example, to determine if "cn=john smith,cn=users,o=my company"
is a member of the group "cn=system administrators, o=my company":
<pre class="xmp">rc = ldap_compare_s(ld, "cn=john smith,cn=users,o=my company, "ibm-allgroups",
"cn=system administrators,o=my company");</pre>
</dd>
<dt class="bold">ibm-allMembers </dt>
<dd>Shows all members of a group. An entry can be a member directly
by the <span class="bold">member</span>, <span class="bold">uniqueMember</span>, or <span class="bold">memberURL</span> attributes,
or indirectly by the <span class="bold">ibm-memberGroup</span> attribute.
This <span class="bold">Read-only</span> operational attribute is not
allowed in a search filter. The <span class="bold">ibm-allMembers</span> attribute can be used in a compare request to determine if a DN is a
member of given group. For example, to determine if "cn=john smith,cn=users,o=my
company" is a member of the group "cn=system administrators, o=my company":
<pre class="xmp">rc = ldap_compare_s(ld, "cn=system administrators,o=my company, "ibm-allmembers",
"cn=john smith,cn=users,o=my company");
</pre>
</dd>
<dt class="bold">ibm-group </dt>
<dd>Is an attribute taken by the auxiliary class <span class="bold">ibm-dynamicMember</span>. Use it to define arbitrary values to control membership
of the entry in dynamic groups. For example, add the value "Bowling Team"
to include the entry in any <span class="bold">memberURL</span> that
has the filter "ibm-group=Bowling Team".
</dd>
<dt class="bold">ibm-memberGroup </dt>
<dd>Is an attribute taken by the auxiliary class <span class="bold">ibm-nestedGroup</span>. It identifies sub-groups of a parent group entry. Members
of all such sub-groups are considered members of the parent group when processing
ACLs or the <span class="bold">ibm-allMembers</span> and <span class="bold">ibm-allGroups</span> operational attributes. The sub-group entries themselves
are <span class="italic">not</span> members. Nested membership is recursive.
</dd>
<dt class="bold">member</dt>
<dd>Identifies the distinguished names for each member of the
group. For example: <tt class="xph">member: cn=John Smith, dc=ibm, dc=com</tt>.
</dd>
<dt class="bold">memberURL</dt>
<dd>Identifies a URL associated with each member of a group. Any
type of labeled URL can be used. For example: <tt class="xph">memberURL: ldap:///cn=jsmith,dc=ibm,dc=com</tt>.
</dd>
<dt class="bold">uniquemember</dt>
<dd>Identifies a group of names associated with an entry where
each name was given a uniqueIdentifier to ensure its uniqueness. A value for
the uniqueMember attribute is a DN followed by the uniqueIdentifier. For example: <tt class="xph">uniqueMember: cn=John Smith, dc=ibm, dc=com 17</tt>.
</dd>
</dl>
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink