I'm using Sun DS v5.2.
I have three attributes: designation, role.
I am using a tool using which when i create a create/modify user entry with designation filled, a unique member is added to a group 'Members'.
Now, there are circumstances where
* Creating/ Modifying user entry is not done via the tool and so unique member for this user entry is not added to the group 'Members'.
* When user entry is deleted the corresponding, group entry is not deleted.
This is causing inconsistency in the users and the group.
One obvious solution is to write two scripts and schedule their execution.
1) Script to check the user entries, if designation is not empty, create a unique member for that entry in the group.
2) Script to check all unique members of group and if user not found remove unique member in group.
When the number of such groups is multiple this would be difficult to implement.
So,is there any other way to do this?
The Referential Integrity plugin can be used for #2 : When enabled, the post operation Referential Integrity plug-in performs integrity updates on the member, uniquemember, owner and seeAlso attributes immediately after a delete or rename operation, so your member would be automatically removed from the group when the entry is deleted.