This is a discussion on Re: LDAP queries for nested mailing lists - VMS ; firstname.lastname@example.org wrote: [...] >I've never much cared for groups defined with uniquemember. My preference >has always been to use dynamic groups instead. That is, rather than >have a list of all the DNs of the group members in the group ...
>I've never much cared for groups defined with uniquemember. My preference
>has always been to use dynamic groups instead. That is, rather than
>have a list of all the DNs of the group members in the group itself, put
>an attribute on each of the user entries saying what groups they belong
>to. Assumimg that attribute is called "groups", you then perform a query
>along the lines of:
>where GROUPNAME is the name of the group you're expanding.
>Again, I don't know what PMDF's LDAP facilities are capable of these days so I
>don't know if this is supported. At least it only requires one lookup.
This is supported. I remember a long posting from Jeremy Begg some time
ago about this item:
>I host a number of mailing lists on behalf of Encompass Australia. All
>member details are held in an LDAP directory (IDDS as it happens - still!)
>and each entry has a multivalued attribute called "UserGroups" which is the
>list of SIGs & LUGs with which that member is associated.
>In PMDF I define a mailing list in the ALIAS file in the usual way, for
>encompass.openvms_sig-list: <"ldap:///dc=decus,dc=org,dc=au?mail?sub?(usergroups=SIGOVS)", \
> [NONEXPANDABLE] NONE, \
> [MODERATOR_ADDRESS] email@example.com, \
> [MODERATOR_LIST] decus_root:[lists]openvms_sig.mod, \
> firstname.lastname@example.org, *, *, *, \
> Encompass Australia Inc. - OpenVMS Special Interest Group
>Thus a member can receive the appropriate mailings simply by being added to
>the directory (with appropriate values for UserGroups).
>Storing the moderator list in LDAP is something I've not bothered to do yet.
BTW: if this is of crucial importance to you, you may want to check (and
perform tests) the functionality when your LDAP server is not available
for some reason. Can you set it up with multiple LDAP servers, does PMDF
support this properly, etc. I've seen some odd things in the past when
doing e.g. LDAP qeuries from within the mappings file.