Mike_Ho
Sep 25, 2008Cirrus
Dynamic members attribute
Can someone describe an example of how to use the "Dynamic members attribute" option when using the LDAP resource group mapping method? The help text mentions a URL to point to, but it's not clear what the URL is or how this ties together. I checked the Firepass wiki and didn't get an example there.
Currently I'm doing group mappings via LDAP and comparing the user's DN to a group object's static members attribute. It turns out that we're going to have more members than the maximum allowed in a single group by our LDAP implementation so I'm left looking for the most suitable alternative method of authorizing access via LDAP.
As for the directory we might move to a group-of-groups scenario but I'm not sure how I'll map users into those groups-in-a-group. Maybe if I understood the "dynamic members attribute" my problem would be solved. Hey, a guy can dream.
Cheers!