<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#ffffcc" text="#000000">
Hi Team, <br>
<br>
So also, I was told there was some talk on group management.<br>
<br>
The ability to create groups, create users, add users to groups;
already exists in the UserInfoDAO object in security.<br>
The issue is really getting access to that object to execute the
necessary calls.<br>
<br>
I am writing a shell interface to security that will allow us to do
these operations, essentially our (ESGF's) version of:<br>
useradd, groupadd, userdel, groupdel, id<br>
and additionally add-user-to-group, del-user-from-group,
show-groups, show-users,<br>
<br>
If I have missed a particular call please let me know... but I think
that this should do it.<br>
<br>
In the next release of the node manager you will get this shell.<br>
You invoke the shell by typing esgf-sh at the prompt.<br>
<br>
:-)<br>
<br>
I caution the team against employing a big group management
infrastructure.<br>
It is just not necessary (IMHO).... if we have growing pains from
this simple interface *the* would be a good time to grow into a
bigger system. However, something tells me that this shell, and an
analogous web interface (to the same model object) is all we need.<br>
<br>
Also, group information is present in the registry. So we are all
privy to groups and attribute services that have purview over them.<br>
I worked with Luca to put in hooks into the registry for the
attribute service, and for basic whitelisting.<br>
<br>
<pre class="moz-signature" cols="72">--
Gavin M. Bell
Lawrence Livermore National Labs
--
"Never mistake a clear view for a short distance."
-Paul Saffo
(GPG Key - <a class="moz-txt-link-freetext" href="http://rainbow.llnl.gov/dist/keys/gavin.asc">http://rainbow.llnl.gov/dist/keys/gavin.asc</a>)
A796 CE39 9C31 68A4 52A7 1F6B 66B7 B250 21D5 6D3E
</pre>
</body>
</html>