WebSphere Application Server Network Deployment, Version 6.0.x     Operating Systems: AIX, HP-UX, Linux, Solaris, Windows

Dynamic groups and nested group support

Dynamic groups contain a group name and membership criteria:

Nested groups enable the creation of hierarchical relationships that are used to define inherited group membership. A nested group is defined as a child group entry whose distinguished name (DN) is referenced by a parent group entry attribute.

Dynamic and nested groups simplify WebSphere Application Server security management and increase its effectiveness and flexibility. You only need to assign a larger parent group if all nested groups share the same privilege. Assigning a role to a single parent group simplifies the runtime authorization table.




Related concepts
Dynamic groups and nested group support for the IBM Tivoli Directory Server
Dynamic and nested group support for the SunONE or iPlanet Directory Server
Locating a user's group memberships in Lightweight Directory Access Protocol

Related tasks
Configuring dynamic and nested group support for the IBM Tivoli Directory Server
Configuring dynamic and nested group support for the SunONE or iPlanet Directory Server
Using specific directory servers as the LDAP server

Concept topic    

Terms of Use | Feedback

Last updated: Mar 17, 2005 4:28:29 AM CST
http://publib.boulder.ibm.com/infocenter/ws60help/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/csec_dynamicnestedgroup.html

© Copyright IBM Corporation 2002, 2005. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)