A static group is one whose entry contains a list of members you explicitly administer. A static group is best suited for a group whose membership is unlikely to change frequently.
When you create the entry for this kind of group, you associate with either the groupofNames (or) groupofUniqueNames object class. Both the object classes have a multi-valued attribute for storing the names of group members. To assign an user as a member of a group, you add the DN of each member to the respective multi-valued attribute.
Dynamic Groups
A dynamic group is one whose membership, rather than maintained in a list, is computed on the fly.
Example 1:
Suppose you want to send an e-mail to all users in the ou=sales naming context. To do this, you create a dynamic group in which you specify ou=sales as the naming context of interest.
Example 2:
You want to send an email to all the employees who report to a manager named Anne Smith
The elements contained in the dynamic group depends on a parameter named "labeledURI", which is a dynamic group property.
A labeledURI is an LDAP URL that defines an ldap search request. For e.g.
labeledURI = ldap:// LDAP_SERVER_NAME:PORTNO/dc=oracle,dc=com ?? sub? (title=Manager)
Therefore dynamic groups provide great flexibility to define groups & change it any moment by modifying labledURI.
How to check the content of a dynamic group?
a) Using OIDDAS web interface
b) By running ldapsearch command for e.g
$ ldapsearch -h LDAP_SERVER_NAME -p PORTNO -b "cn=DYNGROUP,cn=groups,dc=default_realm,dc=com" -s base "(objectclass = *)"
you get,
objectclass=top
objectclass=orclDynamicGroup
objectclass=groupofUniqueNames
No comments:
Post a Comment