Hi Everyone:

I would like to get some advice from the forum. I am trying to manage
several types of AD groups. (e.g.Type one: Driver will only add members
to the group in AD. Type two: driver will add and remove members to a
group.) I am debating how to differentiate different groups in the
policy. I have two ideas: first one is to create a sub container in the
vault to store a certain type of group. Currently all the groups are
stored in /int/group. In the future, I will have /int/group/typeA,
/int/group/typeB etc. The second idea is to create a auxiliary attribute
on the group object. I will stored "typeA" or "type B" as the value for
the auxiliary attribute. Both methods seem reasonable so I would like
to get some feed back from the forum. If anyone has a third suggestion,
please let me know.


vivianfeng's Profile: http://forums.novell.com/member.php?userid=1654
View this thread: http://forums.novell.com/showthread.php?t=389934