Hi, I was hoping someone could help me out with an ldap query.
I am trying to implement the member of Algorithm http://middleware.internet2.edu/dir/groups/docs/internet2-mace-dir-groups-best-practices-200210.htm#_memberOf_Algorithm but I am not sure how to get all memberships for a particular user. My ds tree looks like this: organization project1 project2 read, write (per project) then with the unique members in each of read, write so I guess what i need to do is a 2 part query where I get all projects where a user has permissions and then a 2nd query where i get all permission the user has on a project. Is this a sane way to model the directory structure and permissions? What would my query look like for all projects where the user is a uniquemember of a permission? the user would be a person object that is a unique member of the project1 write group and the project2 read group for instance. If there is a link for a tutorial on how to do this kind of thing that would be great as well or a better place to post this kind of question. Or even a good dead-tree reference. Thanks again, Fu-Tung
