New Features of Novell eDirectory 8.6.1
Articles and Tips: tip
Novell, Inc.
01 Apr 2002
Two new significant features are included with eDirectory 8.6.1 that was made available to customers in October 2001. These features are Persistent Search and Dynamic Groups. The following is a description of each of these features.
Persistent Search
Persistent Search allows you to track changes to a set of entries on an LDAP server that match a specified search criteria. After the initial search is performed, the server keeps track of the search criteria and sends back information when any entry that matches the criteria is added, modified, deleted, or renamed.
Persistent Search alters the standard LDAP search operation so that it does not end after the initial set of entries matching the earch criteria is returned. Instead, LDAP servers keep the search operation going until it is abandoned by the client or until the client unbinds. This provides clients and servers participating in Persistent Search with an active channel through which entries that change (with any additional information about the changes) can be communicated.
Dynamic Groups
Dynamic Groups allows an administrator to define group membership based on an criterion that is specified by an LDAP search filter. This allows a user's group membership to be based on certain attribute values of their user object.
For example, a dynamic group can specify that all users having a "title" value equal to "Software Engineer" to be a member of the "Engineering" group. If the user's "title" attribute value changes from "Software Engineer" to "Sales Engineer," that user's group membership to the "Engineering" group is automatically revoked.
Dynamic Groups provide a very powerful mechanism for defining access control to protected resouces. It does this by using user profile information (attributes) that is stored on the user's object to access group membership.
* Originally published in Novell AppNotes
Disclaimer
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.