grouper-users - Re: [grouper-users] eduMember objectclass definition
Subject: Grouper Users - Open Discussion List
List archive
- From: Keith Hazelton <>
- To: "Klug, Lawrence" <>, "" <>
- Cc: mace-dir <>
- Subject: Re: [grouper-users] eduMember objectclass definition
- Date: Tue, 05 Jun 2012 14:10:39 -0500
- Priority: normal
Lawrence,
Sometimes coincidence is spooky. I just had an exchange of emails with Tom
Zeller about this issue earlier today, and it was the first time I had
thought about it in a long time.
We could revive that draft, which is still on the shelf, though a little
dusty. There are counter-arguments having to do with the need to support both
eduIsMemberOf and isMemberOf, and distinguish them with different OIDs. I'd
like to see a little discussion on the Grouper and MACE-Dir mailing lists
before going ahead.
One perhaps naive starter question from me: Since the isMemberOf attribute
has a unique OID, 1.3.6.1.4.1.5923.1.5.1.1, does it really matter what name
you associate with it in your LDAP schema? I believe that you could give it a
custom name in your directory, and as long as the OID is as above, nothing
bad happens. If you are expressing group memberships in federated contexts,
then there is a SAML profile for how to do this. Again, no impact on your
internal directory schema. Am I missing something?
--Keith
-----
On the eduMember object class and the isMemberOf and hasMember attributes,
see:
http://middleware.internet2.edu/dir/docs/internet2-mace-dir-ldap-group-membership-200507.html
and
http://middleware.internet2.edu/dir/docs/internet2-mace-dir-group-membership-200507.html
______________
On 06/05/12, "Klug, Lawrence" wrote:
>
>
>
>
> Hi,
>
>
>
> We recently upgraded to OUD for our enterprise directory. Unfortunately,
> the eduMember attribute isMemberOf has name conflict with a system
> attribute name. Our workaround has been a custom objectclass.
>
>
>
> I’m wondering if others in the community have faced this issue and
> what solutions they have used.
>
> There was a new draft on eduMember some time ago where this issue is
> addressed.
>
> isMemberOf changes name to eduIsMemberOf and hasMember changes name to
> eduHasMember.
>
> https://spaces.internet2.edu/download/attachments/2309/eduMember-201108-draft-00.html
>
> Has this been finalized?
>
>
>
> Thanks,
>
>
>
> Lawrence Klug
>
> IMS Platform Development
>
> 310 825-2061
>
> ext 52061
begin:vcard n:HAZELTON;KEITH;;; fn:KEITH D HAZELTON tel;work:608 262-0771 org:University of Wisconsin-Madison;DoIT adr:;;1210 W. Dayton St.;Madison;WI;53706;US email;work;internet: title:Sr. IT Architect version:2.1 end:vcard
- [grouper-users] eduMember objectclass definition, Klug, Lawrence, 06/05/2012
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: [grouper-users] eduMember objectclass definition, Keith Hazelton, 06/05/2012
- RE: [grouper-users] eduMember objectclass definition, Klug, Lawrence, 06/06/2012
- RE: [grouper-users] eduMember objectclass definition, Klug, Lawrence, 06/08/2012
- Message not available
- RE: [MACE-Dir] RE: [grouper-users] eduMember objectclass definition, Klug, Lawrence, 06/11/2012
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
Archive powered by MHonArc 2.6.16.