[pve-devel] allow ldap group access
Stefan Priebe - Profihost AG
s.priebe at profihost.ag
Thu Jan 31 10:11:53 CET 2013
Hi,
Am 31.01.2013 10:09, schrieb Dietmar Maurer:
>> mhm but then we still need to manually sync deleted or added users.
>> Great would be to give a group of ldap users access.
>
> No, that would not be great. This would result in many LDAP queries each time
> you need to check permissions, or when you need a list of users.
>
> Instead, we need to cache the list of valid users, and that cache is called users.cfg.
But how to keep them in sync? I think caching is a good idea but it
should be a tmp cache which get's completely overwritten each X seconds.
Thats for example the way atlassian does it in his products.
Stefan
More information about the pve-devel
mailing list