Hi everyone,

here is a design problem, maybe someone has experienced it before,
regarding myself i'm not skilled enough to figure out a good way to
solve my problem:

I want to use some role containers under level10~30 to modelize the
hierarchical organization: for example under the level30

|__ Direction1
| |
| |__ Role D1
| |
| |__Service1
| | |
| | |__ Role S1
| |
| |__Service2
| | |
| | |__ Role S2

I would like to set trustees on my role containers which could be
pretty useful since i could use inheritance so that Service1
staffmembers get access to their roles and by inheritance the roles of

But here is the problem : the role containers cannot inherits from the
parent role container: for example if Service2 inherits from Direction1
,then anyone in Direction1 will get access to Role S2, even the Service1
In fact, the only class object that should inherit the trustees is
nrfRole and not nrfRoleDefs but i don't know if it's possible to choose
which class or object can inherit or not.

I tried to use the inheritance mask on my role containers to block the
trustees from the parent container but it seems that it produce some
trouble to access the roles by role managers since i have to block
everything excepted supervisor right... :s

Is there any good/efficient way to manage this kind of situation or is
it simply impossible to make ?

Thanks for support.

sjahan's Profile: http://forums.novell.com/member.php?userid=16002
View this thread: http://forums.novell.com/showthread.php?t=334938