Re: [PATCH] Nested groups
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
Re: [PATCH] Nested groups
- From: Jeremy Page <jeremy.page [at] gilbarco.com>
- To: <nss-pam-ldapd-users [at] lists.arthurdejong.org>
- Subject: Re: [PATCH] Nested groups
- Date: Fri, 22 Mar 2013 08:24:11 -0400
On Thu, 2013-03-21 at 12:36 +0000, Steve Hill wrote:
The attached patches implement support for nested LDAP groups in
nslcd.
<snip>
Thanks for providing the patch, looks very interesting. One thing that
I'm still looking into is limiting the search depth in some way to be
able to limit the recursion to not go wild when one group has another
group as a member and vice versa.
In practice this shouldn't be a problem with the current myldap_search()
implementation because the number of parallel searches has a fixed
limit.
Another point would be to use a queue mechanism similar to what is done
in the Solaris NSS netgroup code so that only one search operation is
running at the same time.
Btw, 0.7.5 is a bit old. There have been quite a number of important
fixes in later 0.7 releases.
Thanks,
I just wanted to voice support for this functionality. I'd love to move
away from libnss-ldap for several reasons but we depend on nested
groups. I think for many large organizations this is a must have. Thank
you for working on this Steve.
Please be advised that this email may contain confidential
information. If you are not the intended recipient, please notify us
by email by replying to the sender and delete this message. The
sender disclaims that the content of this email constitutes an offer
to enter into, or the acceptance of, any agreement; provided that the
foregoing does not invalidate the binding effect of any digital or
other electronic reproduction of a manual signature that is included
in any attachment.
--
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-users/
