[dev] Re: Group class and Datatree
Edward Rudd
erudd at netfor.com
Mon Apr 11 09:39:40 PDT 2005
On Fri, 08 Apr 2005 20:07:02 -0400, Kevin Myer wrote:
> Quoting Edward Rudd <erudd at netfor.com>:
>
[snip]
>
> Does your patch handle groups only or does it handle blocking of all
> views from
> one domain to another (i.e. user at domain1 can't see any shares for
> user at domain2,
> can't see them as a user, and could have an identical userid, except for the
> domain). If so, that would be extremely useful, as trying to run multiple
> domains on one install resulted in users checking the "All
> Authenticated Users"
> permissions, and granting access to all users of all domains in that install,
> not just for their domain. So I went back to maintaining a separate
> installation per domain.. With hooks, and a "chroot DN" patch, I think it
> would be possible to go back to one installation - _much_ easier to maintain.
>
It currently handles separating users, but currently is specific to an
LDAP setup where you have each "domain" under a different OU. If you could
give me some more details on your specific setup I can better generalize
the patch. I am currently working on the group splitting, but due to the
strong ties to the DataTree object it is proving to be rather difficult
unless I rewrite the Group driver. (which I will probably start doing next
week).
> Kevin
>
More information about the dev
mailing list